Apache Web Server port 433 and Tomcat port 8080, redirect not working

Time:02-24

My Apache web server runs on port 433 with https protocol. I wish to run Tomcat on port 8080 because there is no need for additional encryption, Tomcat is on the same machine, so I don't need port 8433. But when I forwarded traffic from 433 to 8080 via iptables, I got an error: This site can’t provide a secure connection

ERR_SSL_PROTOCOL_ERROR

What configurations do I need in tomcat server.xml and apache.conf in order to make this work?

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               URIEncoding="UTF-8"
               redirectPort="8443" />
    
    <!-- A "Connector" using the shared thread pool-->
    
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    <!-- I've tried this before when I thought I need an SSL for Tomcat. I think it's irrelevant now -->

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                         certificateFile="conf/localhost-rsa-cert.pem"
                         certificateChainFile="conf/localhost-rsa-chain.pem"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

In httpd.conf:

    <VirtualHost *:80>
        ServerAdmin root@localhost
        DocumentRoot "/var/www/html"
        DirectoryIndex index.html
        ServerName mydomain.zone
        ErrorLog "/var/log/httpd/mydomain.zone.error_log"
        CustomLog "/var/log/httpd/mydomain.zone.access_log" common
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =mydomain.zone
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
    </VirtualHost>
    Include /etc/httpd/conf/httpd-le-ssl.conf

EDIT: I've tried deleting the iptables rule, and after that I added in httpd.conf:

    ProxyPass / http://www.mydomain.zone:8080
    ProxyPassReverse / http://www.mydomain.zone:8080

But I got the message: Service Unavailable. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. (Tomcat is running, I checked, and Apache is restarted.)

I've noticed that my web app currently works with normal HTTP protocol, but not with https, and I need to type :8080

CodePudding user response:

I had 2 problems that occurred and the problem was not about proxy rules, I wrote them correctly.

I found the solution for the first problem here: http://sysadminsjourney.com/content/2010/02/01/apache-modproxy-error-13permission-denied-error-rhel/

Apparently, SELinux didn't allow httpd to initiate outbound connections. I needed to allow it: /usr/sbin/setsebool -P httpd_can_network_connect 1

The second problem was that my Tomcat used too much RAM memory because I had configured SSL in server.xml, but SSL is already enabled in my Apache. When I commented that out, Tomcat reduced its RAM consumption.
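The errno that mod_proxy writes to the Apache error_log is enough to tell a 503 caused by SELinux blocking httpd's outbound connection from one caused by Tomcat not accepting connections. The script below is an added example, not part of the original question or answer; the log lines are constructed, the function names are hypothetical, and the errno values are Linux's.

```shell
#!/bin/sh
# Constructed Apache 2.4 error_log sample (not taken from the original post).
sample_log() {
cat <<'EOF'
[Sat Feb 24 10:01:02.123456 2024] [proxy:error] [pid 2101] (13)Permission denied: AH00957: HTTP: attempt to connect to 192.0.2.10:8080 (www.mydomain.zone) failed
[Sat Feb 24 10:01:02.123999 2024] [proxy_http:error] [pid 2101] [client 203.0.113.7:51544] AH01114: HTTP: failed to make connection to backend: www.mydomain.zone
[Sat Feb 24 10:07:41.000111 2024] [proxy:error] [pid 2107] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.0.2.10:8080 (www.mydomain.zone) failed
[Sat Feb 24 10:09:00.000222 2024] [ssl:warn] [pid 2099] AH01909: server certificate does NOT include an ID which matches the server name
EOF
}

# Reads error_log lines on stdin and prints "<count> <backend> <cause>"
# for every distinct mod_proxy connect failure (AH00957).
classify_proxy_failures() {
  awk '
    /AH00957/ {
      errno = ""; backend = "unknown"
      # "(13)" style prefix carries the OS errno of the failed connect().
      if (match($0, /\([0-9]+\)/)) errno = substr($0, RSTART + 1, RLENGTH - 2)
      # "attempt to connect to " is 22 characters; the backend follows it.
      if (match($0, /attempt to connect to [^ ]+/))
        backend = substr($0, RSTART + 22, RLENGTH - 22)
      if (errno == "13")       cause = "selinux-or-permission-denied"  # EACCES
      else if (errno == "111") cause = "backend-not-listening"         # ECONNREFUSED
      else if (errno == "110") cause = "backend-timeout"               # ETIMEDOUT
      else                     cause = "other-errno-" errno
      n[backend " " cause]++
    }
    END { for (k in n) print n[k], k }
  ' | sort
}

# Maps a cause label to the next check to run on the host.
next_step() {
  case "$1" in
    selinux-or-permission-denied)
      echo "getsebool httpd_can_network_connect; ausearch -m avc -c httpd -ts recent" ;;
    backend-not-listening|backend-timeout)
      echo "ss -ltn  # is Tomcat listening on the backend port?" ;;
    *) echo "read the full error_log entry" ;;
  esac
}

sample_log | classify_proxy_failures | while read -r count backend cause; do
  printf '%s x%s %s -> %s\n' "$backend" "$count" "$cause" "$(next_step "$cause")"
done
```

On a real host, feed the vhost's ErrorLog file to `classify_proxy_failures` instead of `sample_log`.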
