Apache, Tomcat and SSL – with Pictures!

Or at least examples! Apache SSL to non-SSL Tomcat: <VirtualHost mytchost:80> ProxyPass / http://backend.tomcat.host:8080 ProxyPassReverse / http://backend.tomcat.host:8080 <VirtualHost mytchost:80> <VirtualHost mytchost:443> ProxyPass / http://backend.tomcat.host:8080 ProxyPassReverse / http://backend.tomcat.host:8080 <VirtualHost mytchost:80> Apache SSL to SSL Tomcat. This is what you’d normally use if the Tomcat webapp had secure transport specified in its web.xml: <VirtualHost mytchost:80> ProxyPass / http://backend.tomcat.host:8080 ProxyPassReverse / […]

Apache, Tomcat and SSL

Its a popular thing to use Apache (or nginx,¬†etc.) as a reverse-proxy server fronting Tomcat. However, documentation on such practices tends to gloss over certain important things. Specifically: 1. Who owns the SSL cert that manages such a configuration. Apache or Tomcat? 2. Is the Apache-to-Tomcat tunnel encrypted? If so, how? I finally decided to determine by experimentation. […]

Land Mines – Spring Neo4j

One of the primary purposes of this blog is to record what I’ve learned by tedious trial and error and/or spending time down in source code I shouldn’t have had to look at. This particular topic has more than its share of discoveries. Spring Neo4j claims that it’s intended to imitate, where possible, existing persistence systems approaches. Unfortunately, […]

Baby Steps with OpenStack

The OpenStack cloud platform is hot these days. Anyone can set up and run their own private cloud without too much difficulty. Relatively speaking. You do need a huge chunk of RAM and a respectable amount of disk space, even for a minimal cloud. Also a x64-bit hardware VM capable CPU. But considering what you get, it’s not […]

Gnome Evolution is an Abomination and gnome-keyring should die in a fire!

Really. Between Evolution’s penchant for creating non-deletable – and defective – account associations and gnome-keyring’s useless pop-up dialogs, the whole thing almost makes Microsoft Windows seem attractive. Then again, gnome is, by and large, a slavish attempt to imitate many of Windows’ more obnoxious features. Like the Windows Registry. Honestly. People have been complaining about this stuff for […]

HOWTO: get Docker Containers under Centos 5 with Xen

Centos5 is getting long in the tooth, but then again, many of my servers are antiques that would find native Centos6 to be problematic. A recent adventure in disaster recovery led me to upgrade several of my Xen DomU’s from CentOS 5 to CentOS 6, but I was distressed to discover that about the minimum you can get […]

The curse of the mad Puppet

I have been working with various things designed to allow me to control the mousetech.com domain assets in a more centralized way. One of them was to try and use Puppet to provision machines. Puppet is a fairly nice tool, but there are some unexpected pitfalls. There are several ways to get puppet on a CentOS 5 server. […]

[SOLVED] mail loops back to me (MX problem?) for virtual machine

Sometimes they just gang up on you. I was migrating my sendmail server from a NAT address to a bridge address when it all started. Xen has this really nasty habit of zapping your hardware MAC address if you don’t get the nat routing configure just right. There’s obviously some way to get it to revert, because occasionally […]

The Underappreciated Raspberry

The Raspberry Pi B version is one of the most popular hacker toys of the day and with good reason. Although it’s not the first sub-miniature single-board computer, it’s the first one whose price, performance, features and power make it an acceptable substitute for a “real” desktop computer. But there’s another Raspberry Pi as well. Ironically, the “A” […]