tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Anderson <ander...@mitre.org>
Subject Re: Problem getting http redirected to https
Date Tue, 11 Jan 2005 02:11:30 GMT
Since it's not working right, it would help if you showed us what you did 
when you "configured a security-constraint in web.xml for testPage.html". 
did you do:

<user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

In CATALINA_HOME/conf/server.xml, you need to configure the HTTP conector 
to redirect HTTPS to the HTTPS connector.

Do you have an HTTP connector configured in server.xml?  There are examples 
in the server.xml that shipped with Tomcat.

<Connector port="8080" redirectPort="8443" ... >

<Connector port="8443" scheme="https" secure="true" sslProtocol="TLS" 
keystorePass="secreted" keystoreFile="/usr/tomcat/.keystore" ... />

- Mark

James_sys wrote:
> Hi,
> 
> I've been wrestling with SSL on Tomcat for a while now. Hope you can offer
> some useful pointers.
> 
> My problem is around getting http requests auto-redirected to return an
> https response.
> 
> I can request https://exampleServer.com:8443/testPage.html and get an
> encrypted response.
> 
> However, if I request http://exampleServer.com:8080/testPage.html I see an
> HTTP 500 "internal error" message. I was expecting the server to internally
> redirect the request to https://... and return an encrypted response.
> 
> I've configured a security-constraint in web.xml for testPage.html. I've
> checked the servlet and catalina logs but don't see any errors or warnings.
> 
> I'm working with Tomcat 4.1.30 on a FreeBSD v4.7 platform. I know these are
> old versions, but I'm constrained by other dependencies in the Production
> environment.
> 
> Apologies if this is a common problem - I have checked the archives but
> didn't find what I need.
> 
> Thanks for any help.
> 
> Regards,
> 
> James.
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 

-- 
Mark Anderson                                voice:703-883-6508
Networking & Distributed Systems Engineer    fax  :703-883-5864
The MITRE Corporation                        email:anderson@mitre.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message