Filip, Works like charm.
Thanks a lot, János On Mar 14, 2011, at 7:29 PM, Filip Hanik - Dev Lists wrote: > On 3/14/2011 3:46 PM, János Löbb wrote: >> Hi, >> >> I set up ssl using the JAVA_HOME/bin/keytool on OSX 10.6.6 - JSSE type >> configuration with a self-signed certificate. Modified server.xml to >> include a connector: >> >> <Connector port="8443" >> protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" >> maxThreads="150" scheme="https" secure="true" >> keystoreFile="/Users/administrator/.keystore" >> keystorePass="*****" >> clientAuth="false" sslProtocol="TLS" /> >> >> anything else is the default, out of box. >> >> Where should I configure and how that when I hit >> >> http://localhost:8080 >> >> it should redirect to >> >> https://localhost:8443 > > make sure your connector 8080 has redirectPort="8443" in it, then in > <tomcat.home>/conf/web.xml define a constraint, transport/confidential > > <security-constraint> > <web-resource-collection> > <web-resource-name>Everything is https</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > > >> ?? >> >> That is I do not want it to be web app specific, I want to have this >> behavior by default. I am not using httpd or mod_jk at this time and do >> not want to use if I can avoid them. >> >> Should I also add SSLEngine="on" ?? >> >> >> Thanks ahead, >> >> János >> P.S. I looked the list from 2008 and see nothing in this regard. >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org