-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Msh,
On 2/10/16 7:04 PM, m...@kimwana.com wrote: > I have the fillowing problem to solve for a job interview. Hmm. On the one hand, its YOUR job interview. On the other hand, if you don't know this answer, you need to be able to find out the answer, of course. How about we help you *just a little* to help yoursel f. > Install the latest version of Apache Tomcat 7 using the latest > version of Oracle Java 8. Done. Running under a non-root > account. > > Done. With the provided > helloworld.war deployed under the /app web context > (https://<hostname>/app) Done. > > With HTTPS enabled using a self-signed certificate that you > generate > Done. > > * Ensure the web application is available to the Internet for both > HTTP and HTTPS > > * HTTP requests should be redirected to HTTPS automatically > > I need help with the last two tasks. > > Do I need two redirecting connectors? > > 'iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j > REDIRECT --to-port 8080' could be the first step. > > Then . . . > > <Connector port="8080" enableLookups="false" redirectPort="443" /> > > <Connector port="443" > protocol="org.apache.coyote.http11.Http11Protocol" > enableLookups="false" redirectPort="8443" /> > > How do I tell Tomcat to use ssl on a specific port? I was able to > load the site in my browser without specifying a port which seemed > like a win but I need to see that good old self-signed cert > warning in my browser before I can call it a day. You have two connectors, but they are both HTTP (non-secure). Part of "installing Tomcat as non-root" means that binding to port 443 isn't going to work. You need to use a different port. A few thoughts: (1) There is no (stated) requirement that the non-secure web service be listening on port 80. There is no (stated) requirement that the secure web service be listening on port 443. Perhaps you could simplify things by not worrying about traditional port numbers for HTTP and HTTPS. (2) Everything you need to know about configuring SSL is in Tomcat's Users Guide[1] or Configuration Guide[2]. - -chris [1] http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html [2] http://tomcat.apache.org/tomcat-8.0-doc/config/http.html -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAla8xMgACgkQ9CaO5/Lv0PCIOwCgrSddUZzULTPzL++vmYdQ6P5s P2AAoLzk+fasGjjzHOxEilTmvzn6DaUV =CuhC -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
