EC2 server port forwarding

In an EC2 server, my app is at MyIp:8080/app, and I have a domain name www.myDomain.com and I would like to forward the domain to the ip…

Two things:

  1. Using “A” in my domain registrar doesn’t take me to my ip number (it should take me to port 80 of my ip)
  2. Once there, how do I redirect the ip to port 8080/app?

Any help on these two issues?

Regards

IP addresses and DNS records don’t affect port numbers. You’ll need to run your server at port 80 instead or (most often better) redirect traffic coming to port 80 to 8080. See e.g. this excellent Jetty wiki page (most of the stuff is server agnostic).

I use iptables style solution on the servers I administrate. Just be sure to save the rule so your server survives a reboot.

cheers,
matti

It worked!! Thank you very much Matti…

Here’s what I did, in case needed:

  1. Forwarded my domain name to my IP using “A” in my registrar DNS record
  2. Typed
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
  3. Exported my app as ROOT.war to my webapps folder
  4. Done!

Hope it helps…

Hugo

Hi:

I’m now entering my app via https, which I understand is port 443… do I redirect it in the same way? If I do that then it will be http and not https, right?

I currently have this in tomcat’s server.xml:

    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />

and I should also include:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150"
               SSLEnabled="true" scheme="https" secure="true" clientAuth="false"
               sslProtocol="TLS" keyAlias="server"
               keystoreFile="/home/user/www_myDomain_com.jks" keystorePass="password" />

But this is not working

Any ideas?

thanks!!!

Is your certificate setup properly? Maybe there are some hints in your tomcat log?

cheers,
matti

Thank you very much Matti…
I managed to use https perfectly, but for some reason when I use http (or nothing, just www.myDomain.com), I get a download prompt window with an empty file, and my page gets nowhere, instead of redirecting to https.

My server.xml contains the following:

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

and

    <Connector port="8443" protocol="HTTP/1.1" maxHttpHeaderSize="8192" maxThreads="150"
               minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false"
               sslProtocol="TLS" keyAlias="server"
               keystoreFile="/etc/tomcat7/www_myDomain_com.jks" keystorePass="password" />

Now, I also redirected the ports to 8443 and it doesn’t work:

# iptables -t nat -L                                                                                                   
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:http redir ports 8443
REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:https redir ports 8443

Any idea on what is wrong here?

thanks!!!

I don’t know about your specific setup, but we set the 8080 connector to redirect to port 443 as that’s the standard for HTTPS. We then let iptables NAT redirect 80 to 8080 and 443 to 8443:

    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
    -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

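Be sure your app’s web.xml includes a security constraint confidential if you’d like HTTP to auto-redirect to HTTPS, something like:

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Entire Open eSignForms web app</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>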

Also, not sure about your SSL, but the key alias defaults to “tomcat” but I presume that keyAlias works if that’s how you set things up and you said https is working for you.

You can perhaps see more in our setup guide (see section on Tomcat and Linux):
https://github.com/OpenESignForms/openesignforms/wiki/InstallationUsingVaadin7
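
An offline check for the port mapping discussed in this thread, as an added example that is not part of any post: it reads the connectors from a Tomcat server.xml and the REDIRECT rules in iptables-save format, then reports public ports that land on a connector of the wrong kind (the failing setup above sent port 80 to the TLS connector on 8443). The function names, the `PUBLIC_TLS` table and the sample inputs are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample inputs modelled on the thread's configuration.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true" />
</Service></Server>"""
BROKEN_RULES = """\
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
"""
FIXED_RULES = """\
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
"""
PUBLIC_TLS = {80: False, 443: True}  # public port -> should it reach a TLS connector?
RULE = re.compile(r"-A PREROUTING\b.*--dport (\d+)\b.*-j REDIRECT --to-ports? (\d+)")

def tls_by_port(server_xml):
    """Map each Tomcat connector port to True if the connector speaks TLS."""
    root = ET.fromstring(server_xml)
    return {int(c.get("port")): c.get("SSLEnabled", "false").lower() == "true"
            for c in root.iter("Connector")}

def redirects(rules_text):
    """Extract {public_port: local_port} from iptables-save style nat rules."""
    return {int(m.group(1)): int(m.group(2))
            for m in map(RULE.search, rules_text.splitlines()) if m}

def audit(server_xml, rules_text):
    """Return findings for public ports that reach the wrong kind of connector."""
    connectors, findings = tls_by_port(server_xml), []
    for ext, local in sorted(redirects(rules_text).items()):
        if local not in connectors:
            findings.append(f"port {ext} -> {local}: no Tomcat connector on that port")
        elif ext in PUBLIC_TLS and connectors[local] != PUBLIC_TLS[ext]:
            got = "TLS" if connectors[local] else "plain HTTP"
            want = "TLS" if PUBLIC_TLS[ext] else "plain HTTP"
            findings.append(f"port {ext} -> {local}: connector speaks {got}, expected {want}")
    return findings

if __name__ == "__main__":
    print("failing rules:", audit(SERVER_XML, BROKEN_RULES))
    print("corrected rules:", audit(SERVER_XML, FIXED_RULES))
```

On a real host, pass the contents of server.xml and the output of `iptables-save -t nat` to `audit()`.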

Did that and worked!!!..thanks David!!!