Can Certificate System 8 work behind AJP?
Issue
- There is a need for CS components to communicate on standard ports below 1024
-
Elevated privileges for those ports are not allowed, and violate Common Criteria certification
-
Apache Java Proxy will allow client auth, mod_proxy will not
- Changing the ports in Certificate System's sever.xml will violate Common Criteria certification
Environment
- Red Hat Certificate System 8
- Red Hat Enterprise Linux 5
- Apache httpd server
- Mod_jk
- Mod_nss
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.