On Tue, May 27, 2014 at 2:21 PM, Mark Thomas <ma...@apache.org> wrote:
> On 27/05/2014 17:31, John Smith wrote: > > Tomcat 7.0.42, RHEL6, JDK1.7.0_25, Standalone TC configuration. IPTABLES > > route port 80 to 8080 > > > > I've got a subdirectory like 'www.mysite.com/admin' that I want to put > > under FORM based authentication. That's clear enough, and I've got the > java > > keytool cert working well enough on my dev box until I get one from a CA. > > > > Couple of questions: > > > > 1. Anyone familiar with any problems routing 443 to 8443 on *nix boxes > for > > TC SSL certs? It's preferable to not have my end users needing port > > numbers. The cert doesn't care about the port, IIRC. > > Should be fine. > > > 2. With the SSL connector enabled, https://* is globally respected on > the > > entire webapp. Do I need to manually check the URL/protocol to deny or > > redirect https to http outside of '/admin'? Is there any built in TC > > mechanism or suggested best practice to handle this? or should I not > care? > > Nothing to automatically handle https -> http. Unless it causes an > issue, I'd just leave it. > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Mark, Thanks and appreciated, as always.
