Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Tomcat with AutoSSL using EasyApache 3 with mod_jk

Discussion in 'EasyApache' started by Raj Janorkar, Jun 21, 2018.

  1. Raj Janorkar

    Raj Janorkar Member

    Joined:
    Jun 21, 2018
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    Hi Team,

    SSL is more like default requirement now for any website owner, also google pushing hard on it.

    My scenario is something like below :

    I am using EasyApache 3 with Tomcat 7 (i will migrate to EasyApache 4 as soon as it is supported here)

    So my main website is php which and i run tomcat and use mod_jk to serve tomcat app, so in general how it works

    - Removed - - served by apache (php app)
    - Removed - - served by tomcat 7 (java app)

    as cpanel provide AutoSSL so i do not have problem migrating my php website and start serving it on - Removed - - it works perfectly fine.

    I was expecting my tomcat app will also work but it does not (- Removed -) this don't work, in general if i migrate to HTTPS my whole app does not work.

    (currently i am doing htaccess redirect to HTTP, just to keep it running, but i have to migrate both php and java app to HTTPS)

    I am actually looking for guidance from someone who know how to fix this, i don't want to buy another third party ssl certificate, as Cpanel provide AutoSSL for free so just want to use that.

    Thank you in advance.
     
    #1 Raj Janorkar, Jun 21, 2018
    Last edited by a moderator: Jun 21, 2018
  2. Raj Janorkar

    Raj Janorkar Member

    Joined:
    Jun 21, 2018
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    'Removed' URLS like below :

    "http: //example.com" - served by apache (php app)
    "http: //example.com/tomcat" - served by tomcat 7 (java app)
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,231
    Likes Received:
    1,938
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Raj Janorkar,

    Can you let us know the contents of the .htaccess file in the directory where the Java application is stored?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Raj Janorkar

    Raj Janorkar Member

    Joined:
    Jun 21, 2018
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    Code:
    <IfModule mod_rewrite.c>
        <IfModule mod_negotiation.c>
            Options -MultiViews
        </IfModule>
    
        Options -Indexes
        RewriteEngine On
    
        # Apache Shindig
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^(shindig) - [L]
    
    
        # Redirect without www to www
        RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
       RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^(.*)$ iGoogle Portal [L,R=301]
    
    
        # Redirect all trafic from https to http
    #    RewriteCond %{HTTPS} on
    #RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    #RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    #    RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L]
    
    
        # Redirect Trailing Slashes If Not A Folder...
        RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^(.*)/$ /$1 [L,R=301]
    
    
        # Handle Front Controller...
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^ index.php [L]
    
        # Handle Authorization Header
        RewriteCond %{HTTP:Authorization} .
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    
    </IfModule>
    Michael,

    Without SSL normal http you can see my tomcat app is returning js

    PHP:
    http://www.example.com/shindig/gadgets/js/core:open-views:opensearch:container:rpc:selection:views:actions:opensocial:xmlutil.js?c=1&debug=0&container=default
    but with SSL : HTTPS it is not working

    PHP:
    https://www.example.com/shindig/gadgets/js/core:open-views:opensearch:container:rpc:selection:views:actions:opensocial:xmlutil.js?c=1&debug=0&container=default
    so in my app if url content "/shindig/" then it should serve tomcat app content.

    cp_jkmount.conf in ssl & std setup is same as it is working on std.

    not sure whats going on..

    Thank you for your help
     
    #4 Raj Janorkar, Jun 22, 2018
    Last edited by a moderator: Jun 22, 2018
  5. Raj Janorkar

    Raj Janorkar Member

    Joined:
    Jun 21, 2018
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brisbane, Australia
    cPanel Access Level:
    Root Administrator
    It started working when i copy - cp_jkmount.conf file from std to ssl below.

    • /usr/local/apache/conf/userdata/std/2/$user/$domain/
    • /usr/local/apache/conf/userdata/ssl/2/$user/$domain/

    now i have mixed contents issues apache is blocking all css/js served over http. Does anybody have idea how to allow to serve both https/http content.
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,231
    Likes Received:
    1,938
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Raj Janorkar,

    I believe the issue you notice relates to an older internal case (EAL-43) that notes SSL reliability issues with mod_jk when using Tomcat with EasyApache 3. There's no planned solution on that case due to EasyApache 3's impending end-of-life. In the meantime, the following third-party URL offers a potential workaround for the mixed-content warnings:

    HTTPS issue with TOMCAT running behind Apache

    Additionally, note that while it's not considered ready for production servers, we've released the ea-tomcat85 RPM to the EasyApache 4 experimental repo:

    The Experimental Repository - EasyApache 4 - cPanel Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice