tomcat-users mailing list archives

From varun gulati <gitm...@yahoo.co.in.INVALID>
Subject Remove Port from Https URL || SSL Port Issue || Important
Date Fri, 10 Jun 2016 10:14:33 GMT
Hello Gurus,

We are using Tomcat to serve our user base (we are not using Apache HTTP Server, only Tomcat).
We have recently enabled SSL in our project and everything runs just fine. We raised the CSR
using keytool and got the certificates, so both of the URLs below work perfectly:

http://hostname:8080
https://hostname:8443

Framework Details: 
OS: Red Hat Enterprise Linux Server release 5.9 (Tikanga)
Tomcat Version: 7.x

Port 8443, which was not showing up in the netstat output, now does:

netstat -an | grep 8443
tcp        0      0 0.0.0.0:8443                0.0.0.0:*                   LISTEN

Here is what the server.xml looks like (excluding the ciphers list):

===============================================================================================================

    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="/abc/xyz/XXXXXX.keystore"
               keystorePass="XXXXXX"
               clientAuth="false" sslProtocol="TLS"
               ciphers="XXXXX" />

=================================================================================================================

Now the requirement is that we exclude the port number from the URL. I believe the only way out
is to use port 443 instead of 8443, so in the above configuration, in the SSL section, we just
replace port "8443" with port "443" and give the redirectPort as "8443".

However, it is not working out for us. We did a lot of investigation and searching but could not
find any solution.
We also confirmed that port 443 is not blocked anywhere. Also, "netstat -an" doesn't give any
output for port 443. Below is what our config looks like when we tried enabling 443 (excluding
ciphers).

==================================================================================================================

    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->

    <Connector executor="tomcatThreadPool" port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="/abc/xyz/XXXXXX.keystore"
               keystorePass="XXXXXX"
               clientAuth="false" sslProtocol="TLS" redirectPort="8443"
               ciphers="XXXXXXX" />

==================================================================================================================

Really appreciate your help and guidance towards resolving the issue. Many thanks in advance...

Thanks and Regards,
Varun Gulati
+91-9665121901
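
An added example, not part of the original message: a small audit of the Connector elements from the second configuration above, checking two things a reviewer would look at when a TLS connector moves from 8443 to 443. The function name `audit_connectors`, its `running_as_root` parameter and the `<Service>` wrapper are assumptions made for the example; the only outside fact used is that Linux by default lets only root (or a process with CAP_NET_BIND_SERVICE) bind ports below 1024.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two Connector elements from the post's second
# configuration, wrapped in a minimal <Service>; placeholders kept as posted.
SAMPLE = """
<Service name="Catalina">
  <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
             connectionTimeout="20000" redirectPort="8443" />
  <Connector executor="tomcatThreadPool" port="443" protocol="HTTP/1.1"
             SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
             keystoreFile="/abc/xyz/XXXXXX.keystore" keystorePass="XXXXXX"
             clientAuth="false" sslProtocol="TLS" redirectPort="8443"
             ciphers="XXXXXXX" />
</Service>
"""

# Linux default: binding below this port needs root or CAP_NET_BIND_SERVICE.
PRIVILEGED_BELOW = 1024


def audit_connectors(xml_text, running_as_root=False):
    """Return (connector_port, finding) tuples for every Connector element."""
    root = ET.fromstring(xml_text.strip())
    # Ignore connectors without a numeric port attribute.
    connectors = [c for c in root.iter("Connector")
                  if c.get("port", "").isdigit()]
    # Ports that actually terminate TLS in this configuration.
    tls_ports = {int(c.get("port")) for c in connectors
                 if c.get("SSLEnabled", "false").lower() == "true"}
    findings = []
    for c in connectors:
        port = int(c.get("port"))
        if port < PRIVILEGED_BELOW and not running_as_root:
            findings.append(
                (port, "privileged port: bind fails for a non-root JVM"))
        redirect = c.get("redirectPort")
        if redirect and redirect.isdigit() and int(redirect) not in tls_ports:
            findings.append(
                (port, "redirectPort %s matches no SSLEnabled connector" % redirect))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE):
        print("connector %d: %s" % (port, finding))
```
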
