On Thu, Feb 11, 2016 at 07:19:10PM +0000, Mark Thomas wrote:
> On 11/02/2016 19:17, m...@kimwana.com wrote:
> > If I want to run Tomcat using ssl only do I still need to set up a non-ssl 
> > connector and redirect the port?
> 
> That depends if you want Tomcat to respond at all if a user tries to use
> a non-TLS connection.

I do not want any unencrypted traffic. Ideally I would have iptables redirect 
requests to port 80 to 8443.
I need to run Tomcat as the tomcat user so I can't listen on port 80 or 443. 

I'm making iptables redirect inbound 80 --> 8443 but I think I need an outbound 
rule to allow the replies out.

Inbound:
        iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8443

Or perhaps I need to set up httpd in front of Tomcat.


> 
> Mark
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

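The redirect discussed in the message above, written out as a complete ruleset. This is an added example, not part of the original thread; it assumes the eth0 interface from the post and a conntrack-based firewall, and the function name redirect_rules is hypothetical. It shows where the reply traffic is handled, which is the outbound question raised in the message.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore ruleset
# that redirects inbound IFACE:FROM to a local unprivileged port TO.
# Assumption: other rules (loopback, SSH, default policies) are managed elsewhere.

redirect_rules() {
    iface=$1 from=$2 to=$3
    cat <<EOF
*nat
# PREROUTING and REDIRECT live in the nat table, not the default filter table.
-A PREROUTING -i $iface -p tcp -m tcp --dport $from -j REDIRECT --to-ports $to
COMMIT
*filter
# nat PREROUTING runs before filter INPUT, so INPUT sees port $to, not $from.
-A INPUT -i $iface -p tcp -m tcp --dport $to -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Replies leave the listener with source port $to; conntrack rewrites it
# back to $from after this chain, so no reverse NAT rule is needed.
-A OUTPUT -o $iface -p tcp -m tcp --sport $to -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for review by default; load it only when APPLY=1 (needs root).
# --noflush keeps the rules that are already loaded.
if [ "${APPLY:-0}" = 1 ]; then
    redirect_rules eth0 80 8443 | iptables-restore --noflush
else
    redirect_rules eth0 80 8443
fi
```

The OUTPUT rule only matters when the OUTPUT policy is not ACCEPT; with a default-accept OUTPUT chain the nat rule and the INPUT accept are sufficient.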