Home Contact Download

asyd.net

Welcome to Bruno Bonfils's (aka asyd homepage).

Once you successfully configured mod_jk (I suppose you create a worker named jboss), create a virtual host with this configuration:

DocumentRoot /var/www/
SSLEngine On
SSLCACertificateFile /etc/apache2/apache.pem
SSLCertificateFile /etc/apache2/apache.pem
SSLCertificateKeyFile /etc/apache2/apache.pem
SSLVerifyClient optional
JkMount /ejbca/* jboss

SSLOptions +StdEnvVars +ExportCertData
JkLogLevel error
JkExtractSSL on
JkHTTPSIndicator HTTPS
JkSESSIONIndicator SSL_SESSION_ID
JkCIPHERIndicator SSL_CIPHER
JkCERTSIndicator SSL_CLIENT_CERT

Using this configuration, you're able to browse the EJBCA website in https. If you don't have a client certificate, you can only use the public part, but if you have an administrator, you'll be able to access to the admininistration area.