On Thu, Feb 11, 2016 at 07:19:10PM +0000, Mark Thomas wrote:
> On 11/02/2016 19:17, m...@kimwana.com wrote:
> > If I want to run Tomcat using ssl only do I still need to set up a non-ssl
> > connector and redirect the port?
>
> That depends if you want Tomcat to respond at all if a user tries to use
> a non-TLS connection.

I do not want any unencrypted traffic. Ideally I would have iptables
redirect requests to port 80 to 8443. I need to run Tomcat as the tomcat
user so I can't listen on port 80 or 443. I'm making iptables redirect
inbound 80 --> 8443 but I think I need an outbound rule to allow the
replies out.

Inbound:
iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8443

Or perhaps I need to set up httpd in front of Tomcat.

>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org