Ettra, see also this thread: https://mail-archives.apache.org/mod_mbox/tomcat-users/201808.mbox/%3ccae35vmwcm9dkxmvabofgjb5d_oa07a6mrjxwcgknksbzgjh...@mail.gmail.com%3E
I did this with front nginx eventually. On Sat, Oct 6, 2018 at 7:29 AM ettra lancelot <ettra...@gmail.com> wrote: > > Thank you for the detailed answer, Chris. > > On Sat, Oct 6, 2018 at 2:41 AM Christopher Schultz < > ch...@christopherschultz.net> wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Etcy, > > > > On 10/5/18 14:57, ettra lancelot wrote: > > > I would like to know whether it's possible to configure tomcat to > > > automatically redirect to the https URL when https port is access > > > using http scheme instead of https*.* > > > > There is no way to get Tomcat to do this for you right now. > > > > There is, however, the possibility of adding such a feature to Tomcat. > > > > If you make an HTTP request to Apache httpd on a TLS-enabled port, > > you'll get a response that says "Looks like you made a mistake". > > > > In the past, that would have been a huge pain in the neck for Tomcat, > > since the TLS handshake was handled *entirely* by the underlying > > crypto system (e.g. JSSE or APR/OpenSSL). AIUI, that code has been > > re-written and Tomcat is buffering everything internally and probing > > the handshake, etc. > > > > It should therefore be possible to respond in the way you describe, > > but I'm not sure how much appetite there is for issuing a redirect > > rather than just an informational page such as the one httpd returns. > > > > Unfortunately, Bill is incorrect when he says that you can write a > > Filter for this. No application code will ever see a connection over a > > connection which failed a TLS handshake. > > > > - -chris > > -----BEGIN PGP SIGNATURE----- > > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlu304gACgkQHPApP6U8 > > pFgj9A//SR89S85mbNovDkiRLo/KzlAf64sNNd0RHSsrKkxnwnoGxMwFt2XVIJ5F > > aNELyTf/mI0UPAyJw6D3W30pWVDtmqjyWe/Xc3YBKCTbDfruxUEGiW3rcSt1jVus > > RmqirBN3baduSiVyF5CLktXr/82CfqQ0Z4XUtt6NK5Nh7Hz+l6Olt6D7VlP1fcpM > > 29Q9vEuC5dkmdLoZYOuCleWtKeHOv96nk7pWvOq6P81VAk9SUcUEk9cbVhPosCYV > > fdUf3ma8fwgJLLfz2LGZEf5Fdo4elRYTNI/OXTWQbJiuFg1umHURKjCoEhUXnzPf > > FZY6mQr2OM3Yo/iLGBiVRAxrUAVEhXZjLEVE0DuPugDtb1JDX7bCZDKkz6HH+mXy > > 8A8Ekm/A12I55StC2CMqLSzKErd1q06lT6Xt1y4z76IZe3O6LjGMFfIsTLRVI63w > > QG1vF2pVDniXyGYozUwPuudJ7to/M9Z1Ls57RKXDXgw8QPxF7waM5vTQuiQDE/DP > > ECJEnaVeGVtPeCekD8Me56ezAVDRFrDlQKcZD+8PguTGJGpIC7ubByCFgTp1PRZ0 > > GxNA732h7zwTO8hSYzDTbnswwK17MJjYAezjz6ulnw178hJYSd05WJtPA1I8E798 > > QmsCilXAdmp741/QjdE8cLkonmBZHrkE7tm09Jit34I9VlBg3as= > > =wLba > > -----END PGP SIGNATURE----- > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
