Reputation: 11
I need to configure my Tomcat 9 server to redirect http to https traffic.
I have tried:
Using a connector for the http port and having a redirectPort attribute pointing to the secure connector.
Including a security-constraint link at the bottom of the web.xml, which works for other Tomcat servers that are not using Virtual Hosting.
Connector
<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" />
<Connector
    port="443"
    protocol="org.apache.coyote.http11.Http11AprProtocol"
    secure="true"
    scheme="https"
    maxThreads="200"
    SSLEnabled="true"
    maxSpareThreads="75"
    maxHttpHeaderSize="8192"
    acceptCount="100"
    enableLookups="false"
    disableUploadTimeout="true"
    defaultSSLHostConfigName="example1.com">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig hostName="example1.com">
        <Certificate
            certificateKeystoreFile="www_example1_com.jks"
            certificateKeystorePassword="…" />
    </SSLHostConfig>
    <SSLHostConfig hostName="example2.com">
        <Certificate
            certificateKeystoreFile="www_example2_com.jks"
            certificateKeystorePassword="…" />
    </SSLHostConfig>
</Connector>
Security Constraint
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Entire Application</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
Host configuration in server.xml
<!-- example1.com -->
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
    <Valve className="org.apache.catalina.valves.AccessLogValve"
           directory="logs"
           prefix="localhost_access_log" suffix=".txt"
           pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>
<!-- example2.com -->
<Host name="example2.com" appBase="website-webapps" unpackWARs="true" autoDeploy="true">
    <Valve className="org.apache.catalina.valves.AccessLogValve"
           directory="website-logs"
           prefix="website_access_log."
           suffix=".txt"
           pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>
Upvotes: 1
Views: 264
Reputation: 11
Port 80 was not open to outside traffic on my server, so the redirect could never happen. The http traffic was not getting to the server.
This was resolved by adding an inbound rule that allowed requests to reach port 80.
Upvotes: 0
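A check that separates the failure modes in this thread, added here as an example and not part of the original posts: it sends one plain-HTTP request per virtual host and reports whether the port is unreachable (the root cause in the answer), whether content is served without a redirect, or whether the redirect points at the right https host. The function name, verdict labels and command-line usage are assumptions made for this example.

```python
import http.client
import socket
import sys
from urllib.parse import urlsplit

REDIRECT_CODES = (301, 302, 303, 307, 308)

def check_redirect(addr, host_header, port=80, path="/", timeout=3.0):
    """Send one plain-HTTP GET and classify the result as (verdict, detail)."""
    conn = http.client.HTTPConnection(addr, port, timeout=timeout)
    try:
        # Explicit Host header so name-based virtual hosts are tested individually.
        conn.request("GET", path, headers={"Host": host_header})
        resp = conn.getresponse()
        status, location = resp.status, resp.getheader("Location", "")
    except socket.timeout:
        # Silent drop: typical of a firewall with no inbound rule for the port.
        return ("unreachable", "timed out before any response")
    except ConnectionRefusedError:
        return ("unreachable", "connection refused, nothing listening")
    except (OSError, http.client.HTTPException) as exc:
        return ("unreachable", f"{type(exc).__name__}: {exc}")
    finally:
        conn.close()
    if status in REDIRECT_CODES:
        target = urlsplit(location)
        if target.scheme == "https" and target.hostname == host_header.lower():
            return ("redirects", location)
        return ("bad-redirect", location or "no Location header")
    # The server answered over plain HTTP and issued no redirect for this host.
    return ("plaintext", f"HTTP {status} served without a redirect")

if __name__ == "__main__":
    # Usage: python check_redirect.py <server-address> <vhost> [<vhost> ...]
    if len(sys.argv) >= 3:
        for vhost in sys.argv[2:]:
            print(vhost, *check_redirect(sys.argv[1], vhost))
```

Run it from a machine outside the server's network; from the server itself the request bypasses the inbound rule and hides the problem described in the answer.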