Msh, On 2/13/16 12:28 PM, m...@kimwana.com wrote: > On Fri, Feb 12, 2016 at 05:36:56PM -0500, Christopher Schultz wrote: > Chuck, > > On 2/12/16 3:06 PM, Caldarale, Charles R wrote: >>>>> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] >>>>> Subject: Re: Does Tomcat need a non-ssl connector? >>>> >>>>> On 2/12/16, 11:40 AM, m...@kimwana.com wrote: >>>> >>>>>> Perhaps I should have phrased this differently. I want to >>>>>> force clients to ssl. When they hit http://app.myurl.com their >>>>>> browser should load https://app.myurl.com >>>> >>>>> Wouldn't mind knowing that myself. All the Tomcat installations >>>>> I'm responsible for are set up to simply reject non-secured >>>>> connections (that's EASY, just comment out the non-secured >>>>> connector); I'm sure some customers would like it to behave as >>>>> you describe. >>>> >>>> Read the servlet spec. > > +1 > >>>> Simply set transport-guarantee to CONFIDENTIAL for all URL >>>> patterns (/*). You can do this in the global conf/web.xml, if >>>> desired. > >> Yeah-no. Nothing is that simple ;) > > Not quite: there is still a bit of Tomcat configuration that needs to > be done. The default configuration will do this correctly (redirect > port 8080 -> 8443). If you want different port numbers, you'll need to > read the configuration reference for the HTTP connector. > >> jsvc is working for me but the redirect 80 --> 8080 (ssl) shows up in the >> url https://tomcat7.mynatnet.yo/8080 > >> I need to figure out how to have that uri load with ssl as >> https://tomcat7.mynatnet.yo
If jsvc is working for you, what's the port number you chose for SSL? 8080? (That's odd, most people use 8443). Why not just use the standard port for HTTPS? -chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
