How to configure tomcat to redirect ip address

Question

We are using Tomcat 8.5. The site is hosted at https://foo.bar.com.

The site can be accessed by entering the IP address in the address bar https://111.111.111.111 ( of course the browser warn the user about certificate problem)

Is it possible to configure the Tomcat so that entering the IP redirects user to host. in this way entering the https://111.111.111.111 will redirect to https://foo.bar.com.

Answer 1

You could do this if you find a certificate authority that provides a certificate for an IP address. However, despite never having tried this, I doubt that one exists - I'd rather expect them to explicitly be forbidden to do so, as IP addresses change and, quite frankly, nobody navigates to a website by IP address unless you're in a development system.

Development (or "in house") use is the key to your workaround here: If you're only working internally, not public facing, you can create (and self-sign) a certificate for both the DNS name and the IP, and accept it once.

If it's a (large) intranet, you might have an internal CA, where they may do this (but I doubt).

Naturally, this only works for internal purposes, nothing public-facing. But you wouldn't hand out your system's IP address to any customer anyway, right? That's exactly what DNS is for. Plus it allows clients to connect through IPV6.

Answer 2

It would be very simple to write a Valve for this.

The tomcat 8 also ships with a rewrite valve, which sounds like something you are looking for.

But why should you do this? Normally nobody would like to use an IP address if you provide a Name via DNS.