Version 3

    Encrypting connection between httpd and TC;

    The only way to encrypt the data between Apache httpd and Tomcat is to use mod_proxy with https.

    In httpd.conf you need something like:

     

    SSLProxyEngine On
    SSLProxyVerify require
    SSLProxyCACertificateFile conf/cacert.pem
    SSLProxyMachineCertificateFile conf/proxy.pem
    ProxyPass / https://127.0.0.1:8443/
    ProxyPassReverse / https://127.0.0.1:8443/
    

    note: conf/proxy.pem should contain both key and certificate (and the certificate must be trusted by Tomcat).

     

    note: conf/cacert.pem must contain the CA that signed the Tomcat certificate.