You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Palod, Manish" <ma...@intel.com> on 2016/09/09 06:47:27 UTC
tomcat 7.0.70 redirection is not working as expected with https
Hi All,
Previously I was using apache web server and tomcat for SSL redirection and web server, in that case redirection from apache to tomcat was working fine.
Now I have removed the apache web server and using tomcat only for ssl settings also [server.xml sslEnabled and other related settings], things are in general working fine, in one case redirection is not happening properly.
Following are the details about my server.xml
=
<Connector port="80" address="<address>" protocol="HTTP/1.1"
connectionTimeout="20000"
maxPostSize="10485760" redirectPort="444" URIEncoding="UTF-8"/>
<!--
To disable TLSv1.0, add sslEnabledProtocols="TLSv1.1,TLSv1.2" to connector
-->
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf/my-server.keystore" keystorePass="<xxx>" keystoreType="jks"
compression="on" compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-javascript,application/javascript"
address="<address>"
ciphers="<ciphers>"
clientAuth="false" sslProtocol="TLS"
sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
redirectPort="444" maxPostSize="10485760"/>
<Connector port="444" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf/my-server.keystore" keystorePass="<xxx>" keystoreType="jks"
compression="on" compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-javascript,application/javascript"
address="<address>"
truststoreFile="conf/ca.keystore" truststorePass="<yyy>" truststoreType="jks"
clientAuth="true" sslProtocol="TLS"
sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
ciphers="<ciphers>"
redirectPort="443" maxPostSize="10485760"/>
=
When I type,
http://<IP-Address<http://%3cIP-Address>>, I am able to access the server and able to perform the client-auth and server-auth operation
But when we try,
https://<IP-Address<https://%3cIP-Address>>, it fails
please help.
Regards
Manish
Re: tomcat 7.0.70 redirection is not working as expected with https
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Manish,
On 9/9/16 2:47 AM, Palod, Manish wrote:
> Hi All, Previously I was using apache web server and tomcat for SSL
> redirection and web server, in that case redirection from apache to
> tomcat was working fine.
>
> Now I have removed the apache web server and using tomcat only for
> ssl settings also [server.xml sslEnabled and other related
> settings], things are in general working fine, in one case
> redirection is not happening properly.
>
> Following are the details about my server.xml = <Connector
> port="80" address="<address>" protocol="HTTP/1.1"
> connectionTimeout="20000" maxPostSize="10485760" redirectPort="444"
> URIEncoding="UTF-8"/>
>
> <!-- To disable TLSv1.0, add sslEnabledProtocols="TLSv1.1,TLSv1.2"
> to connector --> <Connector port="443" protocol="HTTP/1.1"
> SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
> keystoreFile="conf/my-server.keystore" keystorePass="<xxx>"
> keystoreType="jks" compression="on"
> compressableMimeType="text/html,text/xml,text/plain,text/javascript,te
xt/css,application/x-javascript,application/javascript"
>
>
address="<address>"
> ciphers="<ciphers>" clientAuth="false" sslProtocol="TLS"
> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" redirectPort="444"
> maxPostSize="10485760"/>
>
> <Connector port="444" protocol="HTTP/1.1" SSLEnabled="true"
> maxThreads="150" scheme="https" secure="true"
> keystoreFile="conf/my-server.keystore" keystorePass="<xxx>"
> keystoreType="jks" compression="on"
> compressableMimeType="text/html,text/xml,text/plain,text/javascript,te
xt/css,application/x-javascript,application/javascript"
>
>
address="<address>"
> truststoreFile="conf/ca.keystore" truststorePass="<yyy>"
> truststoreType="jks" clientAuth="true" sslProtocol="TLS"
> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" ciphers="<ciphers>"
> redirectPort="443" maxPostSize="10485760"/> =
>
> When I type, http://<IP-Address<http://%3cIP-Address>>, I am able
> to access the server and able to perform the client-auth and
> server-auth operation
>
> But when we try, https://<IP-Address<https://%3cIP-Address>>, it
> fails
What version of Tomcat?
Please post the full Tomcat startup log from catalina.out. No
particular applications need to be deployed -- just let Tomcat start
on its own and post the log.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJX0wFfAAoJEBzwKT+lPKRYPXcP/RHRSd9rriZMH835rYYYtQK5
b4Ia+pLzH70YoatDeghwkbZYnVKk18gVq7PBGgID9WnP2aUtM1i1sMG5TpALy4Mz
6wnrwZTxtQgNyBMTe0G3QPc3k9YXmuScldi7LOaIoWVfVRONWJ3jP3LlBmAdaXGL
/QpyQG7CPd9CHiaYcKoh46oWVpknJ42NEFlMcpspD53bTgerTbIt5Q/ps5Y9FW8s
Znwb/zz7OIibzy/8C8hWZ0ycXYQzTNEfXxupI7DFJ5sUe2qLON9heeDKII69MVdi
XBsjhFW6DozN6CYXzSpzir574Us8pWXuMbGtGADIfy+xRpM8ISWqwDYB2XKgUuEc
bf5Mi6chxTGgKXowKdVpQskPOwlWOudDe58B4guYzCCpCGBX0vL4OJgNiDa+OkQk
uIOK8VDWPaWLs/cMjbj3uehr2KXCaH3UVDETILtq3BdMP3Vhvezbpmmyc2ubtyhn
gBr43fY3C7E7nUIlLixgh+yT9z9DUUUz7HKgWs42mTWyW5miH/NrR5S+tP+AQU8Z
EYxFyE8k1i3ccrdUa9cO0j/PJrsXLT7o5dF43CAWmgMgbFy82jdeX/HLvb3hGLmD
lsJdBuZ7g49k2+e/vKRew2kpYquAJ9BOQY4jzRnc0Ki1pxLj/z3DV5rdujNBQV4z
jGNiY+1ZuxTR89sR1zmL
=5rGv
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org