ct: Re: [EXTERNAL] Re: How to setup Strict-Transport-Security in TOMCAT
On 31/08/2022 17:39, Yanhua Wusands wrote:
> You are right, tomcat is sitting behind AWS LB, where is ssl enabled, once it
> is passed that, tomcat is set up to listen 8080.
> If I understand you correctly, we will ne
t you have the appropriate configuration in
place (typically the RemoteIpValve) to ensure that Tomcat can correctly
identify which traffic has been received via a secure channel and which via an
insecure channel.
Mark
On 31/08/2022 16:10, Yanhua Wusands wrote:
> acceptorT
-Original Message-
From: Mark Thomas
Sent: Wednesday, August 31, 2022 11:03 AM
To: users@tomcat.apache.org
Subject: [EXTERNAL] Re: How to setup Strict-Transport-Security in TOMCAT
On 31/08/2022 15:36, Yanhua Wusands wrote:
> We are us
We are using TOMCAT 9.0.40 on linux, and are trying setup
Strict-Transport-Security per requirement from our security team.
We followed this note:
https://knowledge.broadcom.com/external/article/226769/enable-http-strict-transport-security-hs.html
Changed $CATALINA_HOME/conf/web.xml
With:
