Comments on: Configuring HTTP and HTTPS clustering on JBoss Server

By: Mr. President

Mr. President — Thu, 16 Jul 2009 15:40:19 +0000

Yes, this is load balancing JBoss instances. We did not need to handle session replication for that particular requirement. May be this will help.

By: JasonB

JasonB — Thu, 16 Jul 2009 15:10:10 +0000

Hi, this appears to be load balancing jboss instances with apache over ajp. Have I missed something ? Where is the jboss clustering, and how does session state etc. get replicated between the two instances ? Thanks.

By: Mr. President

Mr. President — Sun, 17 May 2009 05:23:54 +0000

Yes, getting multiple nodes protected depends on your certificate license. I will need to confirm this but one option is to set up Apache server with the certificate and use JK –> AJP module for pass thru communication to the JBoss nodes. Refer the second link. They have installed it in the same manner.

I checked up my setup. The SSL certificates are installed in my JBoss server not at the Apache end. I believe that you can also set up certificates at Apache server and JBoss. So it is essentially your choice. From a security perspective, I think having them at the JBoss Application server end should be enough.

By: Oleg

Oleg — Fri, 15 May 2009 20:39:36 +0000

Thanks for the first link, it really helped. As I understand the question is just in the licence, technically everithing will work event if we generate by keytool only one SSL certificate for the selected domain, sign it by authority and after that copy it to other nodes and make a converted copy with intermediate certificate for Apache. Am I right? As to the licences it’s not quite clear how many of them should we have in configuration of 2 nodes and load-balancer (Apache). In this case Apache SSL certificate should be licenced too?

By: Mr. President

Mr. President — Fri, 15 May 2009 16:11:27 +0000

Interesting question. The answer lies in selecting the appropriate licensed certificate from CA. They have different licensing policies based on your configuration. For Verisign you can refer this URL. The link should provide you with the relevant answers. In case the question is how to set up the certificate i.e. on the web server or the application server, here's a reference example.

By: Oleg

Oleg — Fri, 15 May 2009 10:04:05 +0000

Thank you.
Just one question. If the SSL certificate is signed by certificate authority, we can use one domain name for all Jboss nodes and Apache server?

By: paco

paco — Thu, 30 Apr 2009 17:50:46 +0000

thanks !!