CODEWITHSUNDEEP
tomcatartifactory
toobee
toobee

Reputation: 2752

Artifactory setting up HTTPS

I have an Artifactory running and I want to enforce a simple HTTPS connection and disable the regular HTTP access.

The result is that I seemingly succeeded, but the website is not reachable anymore - I get consequently redirect to 8443 which is my https port setting, but it does not connect anymore.

Since it is based on tomcat I edited the server.xml which looks like this now:

<Server port="8015" shutdown="SHUTDOWN">

    <Service name="Catalina">
        <Connector port="8081" redirectPort="8443" enableLookups="false"/>

<Connector
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           SSLCertificateFile="/opt/artifactory-oss-4.1.2/tomcatcert.pem" 
           SSLCertificateKeyFile="/opt/artifactory-oss-4.1.2/tomcatkey.pem"
           SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>

        <!-- This is the optional AJP connector -->
        <!--Connector port="8019" protocol="AJP/1.3"/-->

        <Engine name="Catalina" defaultHost="localhost">
            <Host name="localhost" appBase="webapps"/>
        </Engine>

    </Service>
</Server>

The redirect of the regular 8081 port seems to have no effect what so ever. It still uses 8081. Using port 8443 does not work at all and shows page not found.

Is a Tomcat expert around that can tell me what I am missing?

Upvotes: 2

Views: 5123

Answers (1)

CoDel
CoDel

Reputation: 173

Removing redirectPort="8443" from your first connector will do the trick: 

<Server port="8015" shutdown="SHUTDOWN">

    <Service name="Catalina">
        <Connector port="8081" enableLookups="false"/>

<Connector
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           SSLCertificateFile="/opt/artifactory-oss-4.1.2/tomcatcert.pem" 
           SSLCertificateKeyFile="/opt/artifactory-oss-4.1.2/tomcatkey.pem"
           SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>

        <!-- This is the optional AJP connector -->
        <!--Connector port="8019" protocol="AJP/1.3"/-->

        <Engine name="Catalina" defaultHost="localhost">
            <Host name="localhost" appBase="webapps"/>
        </Engine>

    </Service>
</Server>

Upvotes: 1

Related Questions