Hi, > -----Original Message----- > From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Sent: Tuesday, June 24, 2014 2:42 PM > To: Tomcat Users List > Subject: Re: Browsers suddenly start timing out when accessing port 80 of > secure site > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Bruce, > > On 6/23/14, 2:30 PM, Bruce Lombardi wrote: > > Moving the SSL port from 8443 to 443 has solved the problem. It > > appears that when the url www.something.net is entered, Firefox > > remembers that this is an SSL site and automatically add the "s" > > to get https. In fact after the timeout the url line in the > > browser shows https:www.something.net. Obviously, this is > > defaulting to the standard SSL port (443), which does not work if > > 8443 is used. Moving the port to 443 solved the problem. > > > > If you read about setting up Tomcat, the default SSL port is 8443. > > Maybe this is done for testing, but it never seems to be explained > > that there might be problems with 8443. > > I have never experienced the behavior you describe. Certain clients do > cache responses from servers, so it's possible that you had a bad setup > at some point that redirected :80 -> :443 and then Firefox wouldn't > forget that response and change to :8443.
It might also be possible that the website used HSTS which forces compliant browsers (hopefully IE too in near future) to only view a site in HTTPS. I haven't tested how Firefox handles this, but I can imagine that when the website on :8443 sets an HSTS header and the user enters "www.example.com", that Firefox automatically switches this to "https://www.example.com/"; which is Port 443. Regards, Konstantin Preißer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
