?

Log in

Tomcat SSL - Linux Help Desk [entries|archive|friends|userinfo]
linuxsupport

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Tomcat SSL [Dec. 10th, 2009|09:16 pm]
linuxsupport

linuxsupport

[pkbarbiedoll]
I'm setting up a standalone instance of Tomcat - after importing my SSL certificate into the keystore, and restarting Tomcat -- how do users access the secure pages? (I'm waiting on the cert to be sent from verisign.. so I can't test right now)

Will secure pages be accessed by entering httpS:// as with the web server? Or will they have to enter http://blah.com:8443 ?
If the latter, is it possible to redirect that traffic to a friendlier URL? (ie, https://blah.com)
LinkReply

Comments:
[User Picture]From: eternal_leave
2009-12-11 07:46 am (UTC)
You know, port 443 is the default port for HTTPS traffic, so you need to replace "8443" to "443" in your server.xml in order to make users able to access secure site via "https://yourdomain.com"
However the above solution is less secure as you need to run Tomcat as a root user thus making all your web-applications to run with root permissions. You may consider redirecting traffic from :443 to :8443 using IPTABLES firewall (http://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_priviledges.3F)

Btw what prevents you from installing a self-signed certificate for testing purposes?

P.S. Sorry for my English - Russian is my native language.
(Reply) (Thread)