> From: Jaakko Taipale [mailto:jaakko.taip...@dbmanager.fi] > Subject: VS: Tomcat configuration with multiple services > > <Connector port="80" protocol="HTTP/1.1" > connectionTimeout="20000" > redirectPort="8443" /> > <Connector > port="443" minSpareThreads="5" maxSpareThreads="75" > enableLookups="true" disableUploadTimeout="true" > acceptCount="100" maxThreads="200" > scheme="https" secure="true" SSLEnabled="true" > keystoreFile="/path/somekeystore" keystorePass="*********" > clientAuth="false" sslProtocol="TLS"/>
Your redirectPort should target the configured HTTPS port, not thin air. > <Engine name="Public" defaultHost="mydomain.com"> > <Host name="mydomain.com" appBase="httpapps" > unpackWARs="true" autoDeploy="true" > xmlValidation="false" xmlNamespaceAware="false"> > </Host> > <Host name="hastobehttps.mydomain.com" appBase="httpsapps" > unpackWARs="true" autoDeploy="true" > xmlValidation="false" xmlNamespaceAware="false"> > </Host> > </Engine> What are you trying to achieve with the two <Host> elements? > How can I force that users use https(or prevent http) when > they access to hastobehttps.mydomain.com? Read the servlet spec; use a <transport-guarantee> of CONFIDENTIAL for all your webapps. If you want HTTPS to be used for everything, put the <security-constraint> element in conf/web.xml so it will be picked up by all webapps. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
