
Using Apache2 AND Tomcat8 on AWS Lightsail with Loadbalancer / OpenSSL


I'm running websites on AWS Lightsail using Ubuntu 16.04.6 with Apache 2.4 AND a Tomcat 8.0.32.

The Apache2 site hosts the bulk of my websites as they use PHP and PostgreSQL. The Tomcat is easy for hosting Geoserver.

I have a DNS and load balancer on AWS Lightsail. I'm trying to figure out how to make both sites seamless using virtualhost. The Apache2 sites come out okay, but the Tomcat sites do not. I get this error:

You don't have permission to access this resource.

Apache/2.4.18 (Ubuntu) Server at tomcat.some-kind-of-site.org Port 80

I'm trying to follow these instructions, but there are some differences in the setup from what I have: http://www.creang.com/howtoforge/howto_set_up_tomcat_8_with_apache_2_4_and_mod_jk_on_ubuntu/

I have my SSL info in the default-ssl-conf file.

My tomcat8 server.xml contains:

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Here's my sites-enabled config file:

 <VirtualHost *:80>
     ServerAdmin someone@gmail.com
     ServerName www.some-kind-of-site.org
     RewriteEngine On
     RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
     RewriteRule ^(.*)$ https://www.some-kind-of-site.org$1 [R=301,NE,L]
     DocumentRoot /var/www/html/main-site/
     Alias /multi-site /var/www/html/multi-site
     Alias /file-folder /var/www/html/file-folder
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
 <VirtualHost *:80>
     ServerName manage.some-kind-of-site.org
     DocumentRoot /var/www/html/main-mgmt/
     RewriteEngine On
     RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
     RewriteRule ^(.*)$ https://manage.some-kind-of-site.org$1 [R=301,NE,L]
     Alias /multi-site /var/www/html/multi-site
     Alias /file-folder /var/www/html/file-folder
     Alias /main-mgmt /var/www/html/main-mgmt
     Alias /main-site /var/www/html/main-site
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
 <VirtualHost *:80>
     ServerAdmin someone@gmail.com
     ServerName tomcat.some-kind-of-site.org
     DocumentRoot /var/lib/tomcat8/
     Alias /multi-site /var/www/html
     RewriteEngine On
     RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
     RewriteRule ^(.*)$ https://tomcat.some-kind-of-site.org$1 [R=301,NE,L]
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
 <VirtualHost *:80>
     ServerName geoserver.some-kind-of-site.org
     DocumentRoot /var/lib/tomcat8/webapps/geoserver/
     Alias /multi-site /var/www/html
     RewriteEngine On
     RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
     RewriteRule ^(.*)$ https://geoserver.some-kind-of-site.org$1 [R=301,NE,L]
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
 <IfModule mod_ssl.c>
     <VirtualHost _default_:443>
         ServerAdmin someone@gmail.com
         ServerName www.some-kind-of-site.org
         DocumentRoot /var/www/html/main-site/
         Alias /multi-site /var/www/html/multi-site
         Alias /file-folder /var/www/html/file-folder
         ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
         CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
     </VirtualHost>
     <VirtualHost _default_:443>
         ServerAdmin someone@gmail.com
         ServerName manage.some-kind-of-site.org
         DocumentRoot /var/www/html/main-mgmt/
         Alias /multi-site /var/www/html/multi-site
         Alias /file-folder /var/www/html/file-folder
         Alias /main-mgmt /var/www/html/main-mgmt
         Alias /main-site /var/www/html/main-site
         ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
         CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
     </VirtualHost>
     <VirtualHost *:443>
         ServerAdmin someone@gmail.com
         ServerName tomcat.some-kind-of-site.org
         <Proxy *>
             AddDefaultCharset Off
             Order deny,allow
             Allow from all
         </Proxy>
         ProxyPass / ajp://localhost:8009/
         ProxyPassReverse / ajp://localhost:8009/
         ProxyPreserveHost on
     </VirtualHost>
     <VirtualHost *:443>
         ServerAdmin someone@gmail.com
         ServerName geoserver.some-kind-of-site.org
         <Proxy *>
             AddDefaultCharset Off
             Order deny,allow
             Allow from all
         </Proxy>
         ProxyPass / ajp://localhost:8009/webapps/geoserver/
         ProxyPassReverse / ajp://localhost:8009/webapps/geoserver/
         ProxyPreserveHost on
     </VirtualHost>
     <FilesMatch "\.(cgi|shtml|phtml|php)$">
         SSLOptions +StdEnvVars
     </FilesMatch>
 </IfModule>

Can anyone help me with this?? PLEASE!


Solution

  • I figured it out... had to, no one answered. But it took LOTS of time and LOTS of trial and error.

    Don't use the 443 port at all for tomcat proxy...

     <VirtualHost *:80>
         ServerAdmin someguy@gmail.com
         ServerName www.greatexamples.org
         RewriteEngine On
         RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
         RewriteRule ^(.*)$ https://www.greatexamples.org$1 [R=301,NE,L]
         DocumentRoot /var/www/html/mainsite/
         Alias /multi-site /var/www/html/multi-site
         Alias /old_stuff /var/www/html/old_stuff
         ErrorLog ${APACHE_LOG_DIR}/error.log
         CustomLog ${APACHE_LOG_DIR}/access.log combined
     </VirtualHost>
     <VirtualHost *:80>
         ServerName manage.greatexamples.org
         DocumentRoot /var/www/html/management/
         RewriteEngine On
         RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
         RewriteRule ^(.*)$ https://manage.greatexamples.org$1 [R=301,NE,L]
         Alias /multi-site /var/www/html/multi-site
         Alias /old_stuff /var/www/html/old_stuff
         Alias /management /var/www/html/management
         Alias /mainsite /var/www/html/mainsite
         ErrorLog ${APACHE_LOG_DIR}/error.log
         CustomLog ${APACHE_LOG_DIR}/access.log combined
     </VirtualHost>
     <VirtualHost *:80>
         ServerAdmin someguy@gmail.com
         ServerName tomcat.greatexamples.org
         DocumentRoot /opt/tomcat/
         ProxyRequests Off
         <Proxy *>
             Order deny,allow
             Allow from all
         </Proxy>
         <Location />
             Order allow,deny
             Allow from all
         </Location>
         ProxyPass / http://localhost:8080/
         ProxyPassReverse / http://tomcat.greatexamples.org:8080/
         ErrorLog ${APACHE_LOG_DIR}/error.log
         CustomLog ${APACHE_LOG_DIR}/access.log combined
     </VirtualHost>
     <IfModule mod_ssl.c>
         <VirtualHost _default_:443>
             ServerAdmin someguy@gmail.com
             ServerName www.greatexamples.org
             DocumentRoot /var/www/html/mainsite/
             Alias /multi-site /var/www/html/multi-site
             Alias /file-folder /var/www/html/old_stuff
             ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
             CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
         </VirtualHost>
         <VirtualHost _default_:443>
             ServerAdmin someguy@gmail.com
             ServerName manage.greatexamples.org
             DocumentRoot /var/www/html/management/
             Alias /multi-site /var/www/html/multi-site
             Alias /old_stuff /var/www/html/old_stuff
             Alias /management /var/www/html/old_stuff
             Alias /mainsite /var/www/html/mainsite
             ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
             CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
         </VirtualHost>
     </IfModule>
    

    and change the connector in Tomcat's server.xml to:

    <Connector port="8080" protocol="HTTP/1.1"
        connectionTimeout="20000"
        proxyName="tomcat.greatexamples.org"
        proxyPort="80"
        redirectPort="8443" />
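
An added example, not part of the original answer: a small audit of `server.xml` for a Tomcat that sits behind a local Apache proxy with TLS ending at the load balancer, as in the setup above. The sample XML is constructed from the connectors shown in the question and answer; the function name, the `proxied_ports` parameter and the finding texts are this example's own, and it assumes the public URL is HTTPS and that Apache only proxies to port 8080.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the AJP connector from the question plus the answer's
# HTTP connector, wrapped in the minimal Server/Service elements.
SAMPLE_SERVER_XML = """\
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               proxyName="tomcat.greatexamples.org"
               proxyPort="80"
               redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_connectors(server_xml, proxied_ports=("8080",)):
    """Return (port, finding) tuples for connectors behind a local Apache proxy.

    proxied_ports lists the ports that Apache's ProxyPass lines target.
    """
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        port = conn.get("port", "?")
        is_ajp = "ajp" in conn.get("protocol", "HTTP/1.1").lower()
        # Without an address attribute Tomcat listens on every interface,
        # so the connector can be reached without passing through Apache.
        if conn.get("address") not in LOOPBACK:
            findings.append((port, "not bound to loopback"))
        if port not in proxied_ports:
            kind = "AJP" if is_ajp else "HTTP"
            findings.append((port, f"{kind} connector not used by the proxy"))
        # TLS ends at the load balancer, so Tomcat only builds https
        # redirects if the connector declares the public scheme.
        elif conn.get("proxyName") and conn.get("scheme", "http") != "https":
            findings.append((port, "proxyName set but scheme is not https"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE_SERVER_XML):
        print(f"connector {port}: {finding}")
```

A connector with `address="127.0.0.1"`, `scheme="https"`, `secure="true"` and `proxyPort="443"`, with the unused AJP connector removed, produces no findings.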