Celine
November 19, 2018, 3:02pm
1
Hi there,
In relation to the blog’s article Using SSL With Pulse describing the changes to perform to change the port to 443, I’ve got a silly question:
In the file server.xml there are 2 Connector blocs.
The first one has port=“8099” and redirectPort=“8093”
The second has port=“8093” + all parameters to configure the SSL usage (minus the parameter “keystoreType” though)
1st:
<Connector connectionTimeout="20000" port="8099" protocol="HTTP/1.1" redirectPort="8093" URIEncoding="UTF-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json"
compression="on"
compressionMinSize="2048"
/>
2nd:
<Connector port="8093" protocol="HTTP/1.1" SSLEnabled="true" URIEncoding="UTF-8" scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="conf/TOMCAT.keystore" keystorePass="Pulse12345" clientAuth="false"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json"
compression="on"
compressionMinSize="2048"
/>
My guess is I should change the second bloc, redefining the port number to 443, and set-up everything else, but isn’t there anything to do in the first bloc as well ?
Pulse version: 5.7.10
Cheers
Hi Celine,
Indeed the first block of parameters is configured to redirect to the HTTP requests to HTTPS, this is a default configuration that comes with Tomcat, but in reality, The “redirectPort” is not utilized by Pulse web, because it is not configured to re-direct HTTP - HTTPS requests by default.
Regards,
Erik
1 Like
tryan
November 20, 2018, 2:59am
3
Hi @Celine ,
Adding to that, if you are going to set up SSL you most likely don’t want HTTP available so you should delete or comment out the first block.
twong
November 20, 2018, 4:02am
4
I am using IIS to make Pulse to use SSL via Reverse Proxy / URL Rewrite, below is the web.config:
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="root" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="http://tm1server.cubewise.com:8099/{R:1}" />
</rule>
</rules>
<outboundRules>
<rule name="Rewrite Location Header" stopProcessing="true">
<match serverVariable="RESPONSE_Location" pattern="^http://(.*)" />
<conditions>
<add input="{ORIGINAL_HOST}" pattern=".+" />
</conditions>
<action type="Rewrite" value="https://{R:1}" replace="true" />
</rule>
</outboundRules>
</rewrite>
<directoryBrowse enabled="true" />
</system.webServer>
</configuration>
tryan
November 20, 2018, 4:29am
5
Hi @twong ,
Thanks for posting.
To past code trying using three ticks ``` (top left key on US keyboards), then new past on new line and finish with another three ticks on a new line.It will even colour the text!
<Service name="Catalina">
<Connector connectionTimeout="20000" port="8099" protocol="HTTP/1.1" redirectPort="8093" URIEncoding="UTF-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json"
compression="on"
compressionMinSize="2048"
/>
<Connector port="8093" protocol="HTTP/1.1" SSLEnabled="true" URIEncoding="UTF-8" scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="conf/TOMCAT.keystore" keystorePass="Pulse12345" clientAuth="false"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json"
compression="on"
compressionMinSize="2048"
/>
<Engine defaultHost="localhost" name="Catalina">
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="false"></Host>
</Engine>
</Service>
Celine
November 20, 2018, 10:13am
6
Ok, thanks a lot @ecarmona , @tryan for your replies.@twong
Cheers