Here is the complete <Connector> configuration <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 --> <Connector port="80" protocol="HTTP/1.1" enableLookups="false" connectionTimeout="20000" redirectPort="8443" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> --> <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 This connector uses the NIO implementation that requires the JSSE style configuration. When using the APR/native implementation, the OpenSSL style configuration is required as described in the APR/native documentation -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" keystoreFile="conf/tomcat.jks" keystorePass="password" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> as for the output to the keytool command: Isnt the output to that command, confidential information? Thanks On Tue, Jun 28, 2016 at 4:06 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Sean, > > On 6/28/16 2:31 PM, Sean Son wrote: > > Hey Philip > > > > So i was able to get the page to connect with SSL but I noticed > > that when I clicked on the little icon that looks like a lock next > > to https:// in the address bar, I saw this certificate error: > > Certificate Error There are issues with the site's certificate > > chain (net::ERR_CERT_COMMON_NAME_INVALID). > > This usually means that the URL you are using contains a hostname that > doesn't match the TLS certificate's "common name". > > > Does that mean that SSL has been implemented incorrectly? > > > > Also I am trying to get an incoming connection through port 80 to > > tomcat, to automatically redirect to port 8443 (or 443 which ever > > you think is easiest to implement) without having to use a reverse > > proxy in front of it. In my server.xml I have the following: > > > > <Connector port="80" protocol="HTTP/1.1" enableLookups="false" > > connectionTimeout="20000" redirectPort="8443" /> <!-- A "Connector" > > using the shared thread pool--> <!-- <Connector > > executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" > > connectionTimeout="20000" redirectPort="8443" /> > > > > > > I cannot get the redirect nor the SSL to work properly. Please > > help.. Thanks! > > Please post your complete <Connector> configuration (minus any > secrets), plus the output of this command: > > $ keytool -list -keystore [your keystore] -keystorepass [passwd] > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJXcti2AAoJEBzwKT+lPKRYYNAP/jimgUxO8gp1W0rOEhqeTszc > yKjAhGQ6yjBE14mvDK+x2zO7+zw01fzqm3IbsyUeEHdSjo0YPQQl0/h15tnhatgA > WuMYz78HyXVtB02FPc/gg82LXwI5GowpKRgd3phQ6f1UKOxpcIPZdOG2MvsbLgFG > m8UX1qxhq34xkQBCkLv+sWd6sgAdGX3P6x/+qxCav3gr+8os5KHFofms6BUReIro > hTRQ6XXIbB3VvOGC6uK/IXLcKtvf1v7Bv5NUsL4mWd9AFkwLl+VlSjdK055ubftp > 6CKj5RUmJkJ06Y0Hy1dK4v9mjcMvM0VwsPcwU9E/GOKMMj0Q56EFVKQkroeLjdXj > bYMPc8FNAG6eYUdlrSx5lfcDqhO/EmiUZXLJykBbPFmcke8jED1b31WdboMaJAce > YuuYVUgia4+sP2w/u0bXdQB5ie6gYHecYwdhiIB/mYY74jVz6BeQ26x7EjS7w/WT > 4eI5XbPX6JPtJe0e3WpRIe2Fk/pLQOdcHMbG+g0X69cbRtRcf7PT/feGbJzoC/qJ > rUiE7okK98P9KawCV4lueV1b7whFAhJs6apGvIOs/1w296eZ60sM373ugF6ygc1b > gQybFF/NgnwLrKk0A63retwLeSj2ImB0pl3NvJ9yxJZOy+OP4GalV6BJ5+yF5yz2 > UESskxe5+W3VYH8s1Ekt > =6brz > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >