Hi I have updated the certificate now, but still I cannot access url https://example.lbg.com/towl either https://server.lbg.com/towl ?
I wonder why its working with port 8443 and not with out port On Thu, Apr 25, 2024 at 1:24 PM lavanya tech <lavanyatech...@gmail.com> wrote: > Hi Chris, > > One question / doubt: > > As I mentioned earlier, the below URLS already working in the browser > > https://server.lbg.com:8443/towl > > https://example.lbg.com:8443/towl -> redirect ( which means when I hit > in browser) it points to https://server.lbg.com:8443/towl ---> To be > frank, even I donot need redirect here, not sure why it redirects. > > My question is why its working even though SAN is not registered with the > certificate ? It doesnot even throw warning in the browser. > > Why https://server.lbg.com/towl or https://example.lbg.com/towl --> How > it should work with New SAN certificate ? > > Thanks, > Lavanya > > > > On Thu, Apr 25, 2024 at 10:16 AM lavanya tech <lavanyatech...@gmail.com> > wrote: > >> Hi Chris, >> >> >> Thanks I will request new certificate with SANs and I will try to fix the >> things from our end. >> >> Best Regards, >> Lavanya >> >> On Wed, Apr 24, 2024 at 11:12 PM Christopher Schultz < >> ch...@christopherschultz.net> wrote: >> >>> Lavanya, >>> >>> On 4/24/24 15:39, lavanya tech wrote: >>> > Local host means the machine i am logged in to server.lbg.com >>> > >>> > You are right, example.lbg.com is CNAME record. >>> >>> Okay, thanks for clearing that up. >>> >>> > I dont have any SAN configured for the certificate. The certificate is >>> > requested for only server.lbg.com >>> >>> You will never be able to make a secure request to anything other than >>> server.lbg.com without seeing an error. I highly recommend adding the >>> other hostname as a SAN to your certificate if you really want to >>> support this. >>> >>> Even if you wanted https://example.lbg.com/whatever to return an HTTP >>> 302 redirect to https://server.lbg.com/whatever, the user would see a >>> certificate hostname mismatch error which is ugly. It's best to make it >>> work without users seeing ugly things. >>> >>> > So if i just request new certificate with SAN it should work ? If yes, >>> I >>> > will request for it and follow your steps as below suggested. >>> >>> Yes, it should. >>> >>> > Should i use CName record or DNS? Does it make difference? >>> >>> CNAME *is* DNS. >>> >>> Whenever possible, use hostnames and not IP addresses as SANs. It's more >>> flexible that way, and users get to see hostnames instead of IP >>> addresses. >>> >>> -chris >>> >>> > On Wednesday, April 24, 2024, Christopher Schultz < >>> > ch...@christopherschultz.net> wrote: >>> > >>> >> Lavanya, >>> >> >>> >> On 4/24/24 07:37, lavanya tech wrote: >>> >> >>> >>> Sorry I understood wrongly here with regards to my environment, Let >>> me >>> >>> start from the beginning. I donot want to use redirect at all. I >>> simply >>> >>> wanted to force apache tomcat to use both localhost and dns name of >>> the >>> >>> localhost via url. >>> >>> >>> >> >>> >> When you say "force" what do you mean? >>> >> >>> >> When you say "use both localhost and DNS name" what do you mean? >>> >> >>> >> When you say "localhost" do you mean 127.0.0.1 or "the machine I'm >>> >> logged-into right now"? >>> >> >>> >> I have DNS resollution as below. >>> >>> >>> >>> server.lbg.com --> localhost >>> >>> >>> >> >>> >> Is that a CNAME record? >>> >> >>> >> nslookup server.lbg.com (localhost) >>> >>> Name: server.lbg.com >>> >>> Address: 192.168.100.20 >>> >>> alias: example.lbg.com >>> >>> >>> >> >>> >> That's a weird DNS response. The DNS name "localhost" should *always* >>> >> return 127.0.0.1 for IPv4 and ::1 for IPv6. It shouldn't return >>> >> 191.168.100.20. >>> >> >>> >> We have working the below urls working: >>> >>> https://server.lbg.com:8443/towl >>> >>> https://example.lbg.com:8443/towl --> redirects to >>> >>> >>> >> >>> >> What do you mean "redirect"? Does it return a 30x response that >>> causes the >>> >> browser to make a new request to \/ >>> >> >>> >> https://server.lbg.com:8443/towl --> still works --> we have SSL >>> >>> configured for the same but this SSL certificate doesnot have >>> additional >>> >>> DNS setup. >>> >>> >>> >> >>> >> What SANs are in your certificate? How many certificates do you have? >>> >> >>> >> But I would need to somehow access https://example.lbg.com --> which >>> >>> means >>> >>> I would need to access via 443 here ? >>> >>> >>> >> >>> >> I'm so confused. What needs to access what? >>> >> >>> >> I tried to adding the below to server.xml as below, but that doesnot >>> seems >>> >>> to work. >>> >>> >>> >>> <Connector port="80" >>> >>> protocol="org.apache.coyote.http11.Http11NioProtocol" >>> >>> connectionTimeout="20000" >>> >>> redirectPort="443" /> >>> >>> >>> >> >>> >> This will only redirect (HTTP 302) requests to >>> http://yourhost/anything >>> >> to https://yourhost/anything *if the application specifically >>> requests >>> >> CONFIDENTIAL transport*. It doesn't just redirect everything by >>> default. If >>> >> you want it to redirect everything, you'll need to set that up e.g. >>> using >>> >> RewriteValve. There are other options, too. >>> >> >>> >> Do i need additional SSL certificate for the https://example.lbg.com >>> to >>> >>> make it work ? >>> >>> >>> >> >>> >> If you don't want your browser to complain, you will need at least >>> one TLS >>> >> certificate that contains every Subject Alternative Name (SAN) for >>> every >>> >> possible hostname you expect to use with this service. You ca do it >>> with >>> >> multiple certificates as well, but a single cert with multiple SANs >>> is less >>> >> work. >>> >> >>> >> Do i need to set up an additional web server for this like apache or >>> nginx >>> >>> for redirecting requests? >>> >>> >>> >> >>> >> No. >>> >> >>> >> Please stop saying "redirect" because it sounds like you almost never >>> mean >>> >> "HTTP 30x redirect" and that's confusing everything. >>> >> >>> >> I *think* you only need the following: >>> >> >>> >> 1. A TLS certificate with the following SANs: >>> >> >>> >> * server.lbg.com >>> >> * example.lbg.com >>> >> * localhost (you shouldn't do this) >>> >> >>> >> 2. DNS configured for all hostnames: >>> >> >>> >> * server.lbg.com -> A 192.168.100.20 >>> >> * example.lgb.com -> A 192.168.100.20 >>> >> >>> >> 3. Tomcat configured with a single <Host> which is the default virtual >>> >> host. Note that this is the *default Tomcat configuration* and >>> doesn't need >>> >> to be changed from the default. >>> >> >>> >> 4. Tomcat configured with your certificate like this: >>> >> >>> >> <Connector ... >>> >> SSLEnabled="true"> >>> >> <SSLHostConfig> >>> >> <Certificate >>> >> certificateFile="/path/to/your/cert.crt" >>> >> certificateKeyFile="/path/to/your/key.pem" /> >>> >> <!-- You may need certificateKeyPassword in <Certificate> --> >>> >> </SSLHostConfig> >>> >> </Connector> >>> >> >>> >> If your SANs are configured properly, this should allow you to connect >>> >> using any of these URLs: >>> >> >>> >> $ curl https://server.lbg.com/towl/login.jsp >>> >> >>> >> (returns login page) >>> >> >>> >> $ curl https://example.lbg.com/towl/login.jsp >>> >> >>> >> (returns login page) >>> >> >>> >> If your application's web.xml contains something like this: >>> >> >>> >> <security-constraint> >>> >> <web-resource-collection> >>> >> <web-resource-name>theapp</web-resource-name> >>> >> <url-pattern>/*</url-pattern> >>> >> </web-resource-collection> >>> >> <user-data-constraint> >>> >> <transport-guarantee>CONFIDENTIAL</transport-guarantee> >>> >> </user-data-constraint> >>> >> </security-constraint> >>> >> >>> >> ... then these URLs insecure HTTP URLs should redirect your clients: >>> >> >>> >> $ curl http://server.lbg.com/towl/login.jsp >>> >> >>> >> (returns HTTP 302 redirect to >>> https://server.lbg.com/towl/login.jsp) >>> >> >>> >> $ curl https://server.lbg.com/towl/login.jsp >>> >> >>> >> (returns HTTP 302 redirect to >>> https://example.lbg.com/towl/login.jsp) >>> >> >>> >> I don't think you need any use of the RewriteValve unless you want to >>> >> handle sending HTTP 302 redirect responses to insecure requests >>> without >>> >> specifying the CONFIDENTIAL transport-guarantee in your application's >>> >> web.xml file. But I don't see any reason NOT to have that in there. >>> >> >>> >> -chris >>> >> >>> >> On Tue, Apr 23, 2024 at 10:52 PM Christopher Schultz < >>> >>> ch...@christopherschultz.net> wrote: >>> >>> >>> >>> Lavanya, >>> >>>> >>> >>>> On 4/22/24 05:21, lavanya tech wrote: >>> >>>> >>> >>>>> Could you please explain, what you exactly mean ? So here redirect >>> is >>> >>>>> >>> >>>> not a >>> >>>> >>> >>>>> solution right ? >>> >>>>> >>> >>>> >>> >>>> Redirecting is fine. >>> >>>> >>> >>>> Perhaps you should take a step back and decide: what do you actually >>> >>>> want, here? You might be trying to solve problem X by applying >>> solution >>> >>>> Y, and you've already decided that solution Y is correct so you are >>> >>>> trying to get help with that. >>> >>>> >>> >>>> Perhaps ask for help with Problem X? >>> >>>> >>> >>>> For example, "I don't want users to have to type the name of my >>> >>>> application to reach it so I want example.com/ to go to my >>> application >>> >>>> instead of example.com/myapp/". >>> >>>> >>> >>>> Or, "I have multiple domains and I want all of them to redirect to >>> the >>> >>>> canonical domain example.com and to go to me web application >>> /myapp so >>> >>>> everything goes to example.com/myapp/". >>> >>>> >>> >>>> "You'd have to use a glob/regex if >>> >>>>> you wanted to check for [anything and maybe nothing.]example.com." >>> >>>>> >>> >>>> >>> >>>> There is nothing in your configuration or question that suggests >>> that >>> >>>> the hostname in the request is relevant, but you are making it a >>> >>>> *requirement* that the request contains a specific Host header. IF >>> you >>> >>>> don't actually need that, why do you have it? >>> >>>> >>> >>>> -chris >>> >>>> >>> >>>> On Fri, Apr 19, 2024 at 3:03 PM Christopher Schultz < >>> >>>>> ch...@christopherschultz.net> wrote: >>> >>>>> >>> >>>>> Ammu, >>> >>>>>> >>> >>>>>> On 4/19/24 08:32, lavanya tech wrote: >>> >>>>>> >>> >>>>>>> Thank you very much. I removed <Host> for example.com as well as >>> >>>>>>> >>> >>>>>> adding >>> >>>> >>> >>>>> an >>> >>>>>> >>> >>>>>>> <Alias> in server.xml >>> >>>>>>> I copied context.xml file >>> >>>>>>> /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml >>> >>>>>>> Removed < in rewrite.config files. >>> >>>>>>> >>> >>>>>>> But still I dont redirect the URL. >>> >>>>>>> >>> >>>>>> >>> >>>>>> If you have <Context> in server.xml and also your application in >>> the >>> >>>>>> webapps/ directory, then you will be double-deploying your >>> application. >>> >>>>>> >>> >>>>>> Re-name /git/app/apache-tomcat-10.1.11/webapps/towl/ to be >>> >>>>>> /git/app/apache-tomcat-10.1.11/webapps/ROOT (the capitals are >>> >>>>>> important) >>> >>>>>> and remove the <Context> element from your server.xml. >>> >>>>>> >>> >>>>>> Then start your server and read the logs. >>> >>>>>> >>> >>>>>> *nslookup alias.example.com <http://alias.example.com> >>> >>>>>>> gives-->Non-authoritative answer:Name: www.example.com >>> >>>>>>> <http://www.example.com>Address: 192.168.200.10Aliases: >>> >>>>>>> >>> >>>>>> alias.example.com >>> >>>>>> >>> >>>>>>> <http://alias.example.com>* >>> >>>>>>> >>> >>>>>>> >>> >>>>>>> Just to give some information here, *www.example.com >>> >>>>>>> <http://www.example.com>* has alias* "alias.example.com >>> >>>>>>> <http://alias.example.com>"* >>> >>>>>>> But https://www.example.com:7777/example --> works fine with out >>> >>>>>>> >>> >>>>>> issues >>> >>>> >>> >>>>> but >>> >>>>>> >>> >>>>>>> the alias doesnot works (https://alias.example.com) >>> >>>>>>> So i am not sure if the redirect url helps or if its correct >>> >>>>>>> >>> >>>>>> >>> >>>>>> Your rewrite configuration says that you have to be using host >>> >>>>>> "example.com" but your request goes to www.example.com. Your >>> >>>>>> configuration should only redirect a request such as: >>> >>>>>> >>> >>>>>> $ curl -v http://example.com:7777/something >>> >>>>>> >>> >>>>>> HTTP/1.1 301 Moved Permanently >>> >>>>>> ... >>> >>>>>> Location: https://www.example.com:7777/example >>> >>>>>> >>> >>>>>> If you make a request like: >>> >>>>>> >>> >>>>>> $ curl -v http://www.example.com:7777/something >>> >>>>>> >>> >>>>>> I wouldn't expect a redirect because of your "host" condition. The >>> >>>>>> "%{HTTP_HOST} example.com" looks at the entire Host header and >>> not >>> >>>>>> just >>> >>>>>> anything that ends in "example.com". You'd have to use a >>> glob/regex if >>> >>>>>> you wanted to check for [anything and maybe nothing.]example.com. >>> >>>>>> >>> >>>>>> You'd also have to make sure that your application is serving >>> responses >>> >>>>>> to requests to / which is why I'm recommending you use the ROOT >>> web >>> >>>>>> application name instead of "towl". >>> >>>>>> >>> >>>>>> -chris >>> >>>>>> >>> >>>>>> On Fri, Apr 19, 2024 at 1:21 PM Christopher Schultz < >>> >>>>>>> ch...@christopherschultz.net> wrote: >>> >>>>>>> >>> >>>>>>> Ammu, >>> >>>>>>>> >>> >>>>>>>> On 4/18/24 09:34, lavanya tech wrote: >>> >>>>>>>> >>> >>>>>>>>> I am attaching server.xml and context.xml and rewrite.config >>> files. >>> >>>>>>>>> The paths are >>> >>>>>>>>> >>> >>>>>>>>> /git/app/apache-tomcat-10.1.11/webapps/towl/context.xml >>> >>>>>>>>> <Context> >>> >>>>>>>>> <Valve >>> >>>>>>>>> >>> >>>>>>>> className="org.apache.catalina.valves.rewrite.RewriteValve" >>> >>>>>> >>> >>>>>>> /> >>> >>>>>>>> >>> >>>>>>>>> <!-- Other context configuration --> >>> >>>>>>>>> </Context> >>> >>>>>>>>> >>> >>>>>>>> >>> >>>>>>>> This file ^^^ is in the wrong place. It should be in >>> >>>>>>>> /git/app/apache-tomcat-10.1.11/webapps/towl/META-INF/context.xml >>> >>>>>>>> >>> >>>>>>>> >>> /git/app/apache-tomcat-10.1.11/webapps/towl/WEB-INF/rewrite.config >>> >>>>>>>>> >>> >>>>>>>>> <RewriteCond %{HTTP_HOST} example.com [NC] >>> >>>>>>>>> <RewriteRule ^/(.*)$ https://www.example.com:7777/example >>> [R=301,L] >>> >>>>>>>>> >>> >>>>>>>> >>> >>>>>>>> Why do you have < symbols at the beginning of these lines? >>> >>>>>>>> >>> >>>>>>>> server.xml >>> >>>>>>>>> >>> >>>>>>>>> > [...] >>> >>>>>>>> >>> >>>>>>>>> >>> >>>>>>>>> <Host name="example.com" appBase="webapps" >>> >>>>>>>>> >>> >>>>>>>> unpackWARs="true" >>> >>>> >>> >>>>> autoDeploy="true"> >>> >>>>>>>>> <Context path="" docBase="towl" /> >>> >>>>>>>>> >>> >>>>>>>> >>> >>>>>>>> It's best not to define any <Context> in server.xml. I would >>> remove >>> >>>>>>>> >>> >>>>>>> this >>> >>>> >>> >>>>> <Context> entirely and allow Tomcat to auto-reploy from your >>> >>>>>>>> webapps/towl directory. If you need this application to be >>> deployed >>> >>>>>>>> as >>> >>>>>>>> the ROOT context (on / and not /towl) then you should re-name >>> >>>>>>>> /git/app/apache-tomcat-10.1.11/webapps/towl to >>> >>>>>>>> /git/app/apache-tomcat-10.1.11/webapps/ROOT >>> >>>>>>>> >>> >>>>>>>> You also don't need a <Host> for example.com as well as adding >>> an >>> >>>>>>>> <Alias> for the same domain (though this is probably to >>> anonymize the >>> >>>>>>>> configuration). You can feel free to simply use the "localhost" >>> >>>>>>>> <Host> >>> >>>>>>>> as the default <Host> and deploy everything into it. This makes >>> your >>> >>>>>>>> configuration changes relative to a stock Tomcat less >>> significant and >>> >>>>>>>> easier to apply to new versions if/when necessary. >>> >>>>>>>> >>> >>>>>>>> -chris >>> >>>>>>>> >>> >>>>>>>> On Thu, Apr 18, 2024 at 2:17 PM Christopher Schultz < >>> >>>>>>>>> ch...@christopherschultz.net> wrote: >>> >>>>>>>>> >>> >>>>>>>>> Ammu, >>> >>>>>>>>>> >>> >>>>>>>>>> On 4/18/24 07:45, lavanya tech wrote: >>> >>>>>>>>>> >>> >>>>>>>>>>> I added classname rewrite valeus in contex.xml file . >>> >>>>>>>>>>> >>> >>>>>>>>>>> <!-- REWRITE VALVE --> >>> >>>>>>>>>>> <Valve >>> >>>>>>>>>>> >>> >>>>>>>>>> className="org.apache.catalina.valves.rewrite.RewriteValve" >>> >>>>>>>> >>> >>>>>>>>> /> >>> >>>>>>>>>> >>> >>>>>>>>>>> <!-- // --> >>> >>>>>>>>>>> >>> >>>>>>>>>>> created rewrite.config so both of them is located under conf >>> >>>>>>>>>>> under >>> >>>>>>>>>>> apache-tomcat. >>> >>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>>> <RewriteCond %{HTTP_HOST} >>> example.com >>> >>>>>>>>>>> [NC] >>> >>>>>>>>>>> <RewriteRule ^/(.*)$ >>> >>>>>>>>>>> https://www.example.com:7777/example [R=301,L] >>> >>>>>>>>>>> >>> >>>>>>>>>>> So according to the documentaion they say context.xml should >>> be >>> >>>>>>>>>>> >>> >>>>>>>>>> placed >>> >>>>>> >>> >>>>>>> under webapps and rewrite.config file should be put in WEB-INF >>> >>>>>>>>>>> >>> >>>>>>>>>> folder >>> >>>> >>> >>>>> of >>> >>>>>>>> >>> >>>>>>>>> apache-tomcat . I placed and restarted tomcat webserver but >>> still >>> >>>>>>>>>>> >>> >>>>>>>>>> it >>> >>>> >>> >>>>> doesnot redirect. >>> >>>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> Can you give full paths to both server.xml and rewrite.config, >>> >>>>>>>>>> >>> >>>>>>>>> re-post >>> >>>> >>> >>>>> your current server.xml <Context> element, and the complete >>> contents >>> >>>>>>>>>> >>> >>>>>>>>> of >>> >>>>>> >>> >>>>>>> rewrite.config? >>> >>>>>>>>>> >>> >>>>>>>>>> Have you looked at the log files after start? >>> >>>>>>>>>> >>> >>>>>>>>>> -chris >>> >>>>>>>>>> >>> >>>>>>>>>> On Thu, Apr 18, 2024 at 1:36 PM lavanya tech < >>> >>>>>>>>>>> >>> >>>>>>>>>> lavanyatech...@gmail.com >>> >>>>>> >>> >>>>>>> >>> >>>>>>>>> wrote: >>> >>>>>>>>>>> >>> >>>>>>>>>>> Hi Thomas, >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Thanks for the fast response. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> I added classname rewrite valeus in contex.xml file . >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> <!-- REWRITE VALVE --> >>> >>>>>>>>>>>> <Valve >>> >>>>>>>>>>>> >>> >>>>>>>>>>> className="org.apache.catalina.valves.rewrite.RewriteValve" >>> >>>>>>>> >>> >>>>>>>>> /> >>> >>>>>>>>>> >>> >>>>>>>>>>> <!-- // --> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> created rewrite.config so both of them is located under >>> conf >>> >>>>>>>>>>>> >>> >>>>>>>>>>> under >>> >>>> >>> >>>>> apache-tomcat. >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> So according to the documentaion they say context.xml >>> should be >>> >>>>>>>>>>>> >>> >>>>>>>>>>> placed >>> >>>>>> >>> >>>>>>> under webapps and rewrite.config file should be put in WEB-INF >>> >>>>>>>>>>>> >>> >>>>>>>>>>> folder >>> >>>>>> >>> >>>>>>> of >>> >>>>>>>> >>> >>>>>>>>> apache-tomcat >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> Thnks, >>> >>>>>>>>>>>> Ammu >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> >>> >>>>>>>>>>>> On Thu, Apr 18, 2024 at 1:22 PM Mark Thomas < >>> ma...@apache.org> >>> >>>>>>>>>>>> >>> >>>>>>>>>>> wrote: >>> >>>>>> >>> >>>>>>> >>> >>>>>>>>>>>> On 18/04/2024 12:05, lavanya tech wrote: >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> Hi Team, >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> I am using "Tomcat 10.1" in our environment and I wanted >>> to >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> redirect >>> >>>>>> >>> >>>>>>> url >>> >>>>>>>>>> >>> >>>>>>>>>>> from https://example.com to https://www.servercom:7777 and >>> for >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> this i >>> >>>>>>>> >>> >>>>>>>>> modified the server.xml as below in tomcat config, and the >>> below >>> >>>>>>>>>>>>>> configuration doesnot seems to work. Does anyone has >>> ideas. >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> Please >>> >>>> >>> >>>>> suggest. >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> The url alone https://www.servercom:7777/ already works. >>> But >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> just >>> >>>> >>> >>>>> redirection from the old to one doesnot. >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> <Host name="example.com" appBase="app" unpackWARs="true" >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> autoDeploy="true"> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> <Context path="" docBase="example" /> >>> >>>>>>>>>>>>>> <Alias>example.com</Alias> >>> >>>>>>>>>>>>>> <!-- Add RewriteValve and RewriteRule here --> >>> >>>>>>>>>>>>>> <Valve >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> className="org.apache.catalina.valves.rewrite.RewriteValve"/> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> <Engine name="Catalina" >>> defaultHost="localhost"> >>> >>>>>>>>>>>>>> <Host name="example.com" appBase="app" >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> unpackWARs="true" >>> >>>>>> >>> >>>>>>> autoDeploy="true"> >>> >>>>>>>>>>>>>> <Context path="" docBase="example" /> >>> >>>>>>>>>>>>>> <Alias>example.com</Alias> >>> >>>>>>>>>>>>>> <Valve >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> className="org.apache.catalina.valves.rewrite.RewriteValve"/> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>>> <Engine name="Catalina" >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> defaultHost="localhost"> >>> >>>> >>> >>>>> <Host name="example.com" appBase="app" >>> >>>>>>>>>>>>>> unpackWARs="true" autoDeploy="true"> >>> >>>>>>>>>>>>>> <Context path="" >>> docBase="example" /> >>> >>>>>>>>>>>>>> <Alias>example.com</Alias> >>> >>>>>>>>>>>>>> <!-- Rewrite rule to redirect >>> to >>> >>>>>>>>>>>>>> www.servercom:8080/example --> >>> >>>>>>>>>>>>>> <RewriteCond %{HTTP_HOST} >>> >>>>>>>>>>>>>> example\.com >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> [NC] >>> >>>>>> >>> >>>>>>> <RewriteRule ^/(.*)$ >>> >>>>>>>>>>>>>> https://www.servercom:7777/example/$1 [R=301,L] >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> 1. That isn't valid XML. >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> 2. Where in the Tomcat docs does it say you can nest >>> re-write >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>> rules >>> >>>> >>> >>>>> in >>> >>>>>>>> >>> >>>>>>>>> a >>> >>>>>>>>>> >>> >>>>>>>>>>> Host element (or any other element)? >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> </Host> >>> >>>>>>>>>>>>>> </Engine> >>> >>>>>>>>>>>>>> </Host> >>> >>>>>>>>>>>>>> </Engine> >>> >>>>>>>>>>>>>> </Host> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> You need to configure the RewriteValve. >>> >>>>>>>>>>>>> https://tomcat.apache.org/tomcat-10.1-doc/rewrite.html >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> Mark >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> ------------------------------------------------------------ >>> >>>>>> --------- >>> >>>>>> >>> >>>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >>>>>>>>>>>>> For additional commands, e-mail: >>> users-h...@tomcat.apache.org >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>>>> >>> >>>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> ------------------------------------------------------------ >>> >>>> --------- >>> >>>> >>> >>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >>>>>>>>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>>> >>> >>>>>>>>> >>> >>>>>>>> ------------------------------------------------------------ >>> >>>>>>>> --------- >>> >>>>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >>>>>>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>> >>> >>>>>> >>> --------------------------------------------------------------------- >>> >>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >>>>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>> >>> >>>> >>> --------------------------------------------------------------------- >>> >>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>>> >>> >>>> >>> >>>> >>> >>> >>> >> --------------------------------------------------------------------- >>> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> >> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >> >>> >> >>> > >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>>