Thank you for the detailed answer, Chris.
On Sat, Oct 6, 2018 at 2:41 AM Christopher Schultz <
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> On 10/5/18 14:57, ettra lancelot wrote:
> > I would like to know whether it's possible to configure tomcat to
> > automatically redirect to the https URL when https port is access
> > using http scheme instead of https*.*
> There is no way to get Tomcat to do this for you right now.
> There is, however, the possibility of adding such a feature to Tomcat.
> If you make an HTTP request to Apache httpd on a TLS-enabled port,
> you'll get a response that says "Looks like you made a mistake".
> In the past, that would have been a huge pain in the neck for Tomcat,
> since the TLS handshake was handled *entirely* by the underlying
> crypto system (e.g. JSSE or APR/OpenSSL). AIUI, that code has been
> re-written and Tomcat is buffering everything internally and probing
> the handshake, etc.
> It should therefore be possible to respond in the way you describe,
> but I'm not sure how much appetite there is for issuing a redirect
> rather than just an informational page such as the one httpd returns.
> Unfortunately, Bill is incorrect when he says that you can write a
> Filter for this. No application code will ever see a connection over a
> connection which failed a TLS handshake.
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
> -END PGP SIGNATURE-
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org