Using Tomcat with Apache (mod jk)

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

As standard, Zimbra runs itself on port 80. However, this means you can't use Apache or access any other website through that server. If you are using your server only as a groupware box, this is no bother. But if you are using it in the situation I am with other servers, this is no good. This tutorial will:

a.) Configure Tomcat to host on Port 7070 (as in M1) and 7443 for the SSL port

b.) Download and install the mod_jk RPM

c.) Configure mod_jk to access Zimbra on http://your-custome-apache-server/zimbra/

d.) Configure Apache to start on system boot

Original Tutorial from the forums [1]

a.) Configure Tomcat to host on Port 7070 (as in M1)

zmprov ms <servername> zimbraMailPort 7070
zmprov ms <servername> zimbraMailSSLPort 7443


b.) Download and install the mod_jk RPM

For CentOS 4.2:

wget http://mirrors.dotsrc.org/jpackage/1.6/redhat-el-3.0/free/RPMS/mod_jk-ap20-1.2.14.1-2jpp.i386.rpm
rpm -ivh mod_jk-ap20-1.2.14.1-2jpp.i386.rpm

For other distributions: Make sure that Apache has the mod_jk.so module located in the modules folder.


Edit server.xml

/opt/zimbra/tomcat/conf $ diff -u server.xml.bak server.xml
--- server.xml.bak      2006-02-27 15:03:24.000000000 -0500
+++ server.xml  2006-02-24 13:35:21.000000000 -0500
@@ -34,6 +34,8 @@
        clientAuth="false" sslProtocol="TLS"
        keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
+    <Connector port="8009"
+       enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase" />


Edit server.xml.in

/opt/zimbra/tomcat/conf $ diff -u server.xml.in.orig server.xml.in
--- server.xml.in.orig  2006-02-27 15:05:21.000000000 -0500
+++ server.xml.in       2006-02-24 12:51:40.000000000 -0500
@@ -34,6 +34,8 @@
        clientAuth="false" sslProtocol="TLS"
        keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
+    <Connector port="8009"
+       enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase" />


Create the workers.properties file /etc/httpd/conf.d/workers.properties

worker.list=localhost
worker.localhost.port=8009
worker.localhost.host=localhost
worker.localhost.type=ajp13
worker.localhost.lbfactor=1
workers.tomcat_home=/opt/zimbra/tomcat5
workers.java_home=/opt/zimbra/java


Next, configure Apache by editing httpd.conf or vhost specific file.


# Load mod_jk module
LoadModule    jk_module  modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /etc/httpd/conf.d/workers.properties
# Where to put jk logs
JkLogFile     /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel    debug
# SHM info
JkShmFile   /etc/httpd/logs/jk.shm
JkShmSize   10M
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"
# JkMount points
JkMount /zimbra/* localhost
JkMount /service/* localhost
JkMount /zimbraAdmin/* localhost

[NOTE: the last argument given in the JkMount directive should be the name of the worker defined in workers.properties ]

Restart Tomcat and Apache

/opt/zimbra/bin/tomcat restart
apachectl restart

Issues

The login should be http only [2] It seems that mixed login is broken (Mixed login means that if you hit http://, it redirects to https for login then returns to http for session. If you hit https:// originally, the login is in https, and the session continues in https).

Jump to: navigation, search