> -----Original Message----- > From: Jeffrey D. Fisher [mailto:jeff.fisher12...@cox.net] > Sent: Tuesday, March 19, 2013 10:34 AM > To: 'Tomcat Users List'; mgai...@hotmail.com > Subject: RE: SSL Best Practices > > Yes, I do have a CA-issued certificate with a chain to a trusted CA. > I've imported it to the keystore. I am close to a solution. When I > attempt to open the default Apache web page using "https:" I get an > error page that says that the server cannot open the page. It opens > with "http:" just fine. > I have configured the normal ports i.e. "80" and "443" to redirect to > "8443". The reason for this is that the users having to include the > port numbers (8080 or 8443) would not be acceptable. They need only > enter the DNS name into the browser and DNS does the rest. > > I am missing something in the configuration of SERVER.XML, WEB.XML or > both to get the server to answer to an https connection. I cannot find > what it is that I have not done or I have missed! > > Any input would be appreciated. > > Best... > > Jeffrey D. Fisher > Omaha, NE USA >
I ran into this same issue; make sure you have 'secure="true"' in the connector: <Connector protocol="org.apache.coyote.http11.Http11Protocol" port="7443" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystorePass="mypassword" clientAuth="want" sslProtocol="TLS" keystoreFile=".\conf\myks.jks" truststoreFile=".\conf\myts.jks" /> Jeffrey Harris This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org