Shilpa
27 Feb 2022
Servers, Hosting
I am using Tomcat v9.0 and I have deployed a java application with server on staging and production websites using same tomcat configuration. When I hit the URL, it is not redirecting user to HTTPS.
I have generated CSR and I got certificates files from registrar. I used below command to generate keystore.
keytool -genkey -alias tomcat -keyalg RSA
My connector in server.xml file,
<!--
<Connector port="8443" protocol="HTTP/1.1"
maxThreads="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
Did I miss anything in the code while deploying the WAR/EAR to staging and live server?
Eslam Zedan
28 Feb 2022
Try add SSLEnabled="true"
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"/>
-->
Rakshit
28 Feb 2022
Best Answer
You can achieve your task with simple few steps:
I am assuming you have already created the keystone from keytool command.
Find the following declaration:
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
You can uncomment the lines and modify them as below.
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"
disableUploadTimeout="true" enableLookups="false" maxThreads="25"
port="8443" keystoreFile="c:/RaxTonProduction/.keystore" keystorePass="password"
protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
secure="true" sslProtocol="TLS" />
What did you do here?
You added the keystoreFile, keystorePass and changed the protocol declarations.
You can run your application on default HTTPS port 8443.
In this case, your 8080 (HTTP) port will also work.
If your requirement is to run your application with HTTPS only and not over HTTP, here is something that you can do!
Open your web.xml file, and add the below code:
<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
It will always run your application over HTTPS port only!
Hope you find your answer!
Reference: Tomcat
Appreciate your efforts. It worked!!
This is something new to me, when I run my java application it redirects to HTTPS port by itself, that is what I want.
<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
© 2024 Copyrights reserved for web-brackets.com