On 2/7/2019 9:54 PM, Christopher Schultz wrote:
… I would argue that adding Apache httpd into the mix (where is it not already there) is more complicated than using Let's Encrypt with Tomcat.
OK, I guess I didn't figure in the part about adding/configuring the connector. But still there are a few things I have doubts about, just looking over the document quickly:
* There's still the issue about listening on lower port numbers. From the presentation, it looks like I would need to teach myself about iptables. I wonder if students (and I) would find mucking with iptable configurations easier than just installing apache using APT and editing some XML files. (I don't know; I haven't looked into it deeply.) And the presentation tantalizingly mentioned something called "jsvc" but didn't provide any further details. I'll have to research that. Then I'll search for "jsvc vs iptables", etc. So the presentation is a good thing to tell me what to look for. * What about forwarding from the non-secure site to the HTTPS site? Apache makes that pretty easy; actually it's a little arcane, but once you have the virtual host file one wants one can use it as a pattern. I'll note that the presentation didn't cover that. Or is that something iptables is responsible for, too? Cheers, Garret
