HowTo: Enable HTTP to HTTPS redirection in tomcat for server under elb.

Posted on Updated on

I have installed Tomcat native method APR which is very lite to handle the serverlet request, For secure the logins, it is better to configure force redirection.

I followed the below methods,  in amazon server.

1, Configure SSL with port redirection in AWS firewall






2, Edit the tomcat configuration for SSL redirection, Modify the below parts in the conf file.


<Connector port="80" protocol="HTTP/1.1"
 redirectPort="443" />

SSL Certifice configuration in APR tomcat native method

 port="443" maxThreads="500"
 scheme="https" secure="true" SSLEnabled="true"
 SSLVerifyClient="optional" SSLProtocol="TLSv1"/>

3, edit the Aplications web.xml for force redirection. webapps/ROOT/WEB-INF/web.xml

<web-resource-name>Protected Context</web-resource-name>
<!-- auth-constraint goes here if you requre authentication -->

Verify :

curl -I
HTTP/1.1 302 Found
Content-length: 0
Date: Fri, 31 Oct 2014 16:33:42 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=5B5B0B1292597816EA2C5DE89B298F74; Path=/; HttpOnly
Connection: keep-alive



2 thoughts on “HowTo: Enable HTTP to HTTPS redirection in tomcat for server under elb.

    pramod said:
    March 16, 2016 at 3:37 pm

    When I make a call HTTPS request, then there are two levels of encryptions happening : at LB and at tomcat as well. Isn’t there a single place which can solve the problem?

Leave a Reply to HowTo: Enable HTTP to HTTPS redirection in tomcat for server under elb. | Dinesh Ram Kali. Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s