-
1. Re: Disable HTTP on Port 8080, only allow HTTPS
erasmomarciano Nov 7, 2012 4:23 AM (in response to wagnbeu0)Hi
you should have alone this tag
<
Connector
protocol
=
"HTTP/1.1"
SSLEnabled
=
"true"
port
=
"8443"
address
=
"${jboss.bind.address}"
scheme
=
"https"
secure
=
"true"
clientAuth
=
"true"
keystoreFile
=
"${jboss.server.home.dir}/conf/server.keystore"
keystorePass
=
"server-keystore-pass"
truststoreFile
=
"${jboss.server.home.dir}/conf/server.truststore"
truststorePass
=
"server-truststore-pass"
sslProtocol
=
"TLS"
/
Your connect is ready for listen in https
Are you sure that Jboss listens in http e in https listens on the same port.
I think that you should have an error message Bindind Exception
-
2. Re: Disable HTTP on Port 8080, only allow HTTPS
wagnbeu0 Nov 7, 2012 4:35 AM (in response to erasmomarciano)Hm, if I change the value clientAuth="false" to "true", then the webserver is not available
-
3. Re: Disable HTTP on Port 8080, only allow HTTPS
erasmomarciano Nov 7, 2012 4:44 AM (in response to wagnbeu0)ClientAuth
Set to
true
if you want the SSL stack to require a valid certificate chain from the client before accepting a connection.Set to
want
if you want the SSL stack to request a client Certificate, but not fail if one isn't presented.A
false
value (which is the default) will not require a certificate chain unless the client requests a resource protected by a security constraint that usesCLIENT-CERT
authentication.See the SSL HowTo for an example. That SSL HowTo also contains tips on using per-user or per-session certificate-based clientAuth.
I 'm not sure this way is correctly
-
4. Re: Disable HTTP on Port 8080, only allow HTTPS
wagnbeu0 Jul 11, 2013 11:46 AM (in response to erasmomarciano)Hi, I changed my configuration now to this one:
<!-- A HTTP/1.1 Connector on port 8080
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
connectionTimeout="20000" redirectPort="8443" />
-->
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false"
strategy="ms"
address="${jboss.bind.address}"
keystoreFile="${jboss.server.home.dir}/conf/ssl/server.keystore"
keystorePass="CHANGEIT"
truststoreFile="${jboss.server.home.dir}/conf/ssl/server.truststore"
truststorePass="CHANGEIT"
sslProtocol="TLS"/>Now the HTTP Port is not available, only HTTPS Requesst are valid. Thanks for your help.