-
1. Re: How to redirect http to https with port forwarding
xkylex Feb 22, 2015 3:55 AM (in response to goodlifester)You may need to:
- Define a socket-binding of 443
- Specify newly created socket-binding in redirect-socket attribute of http-listener
With jboss-cli you can configure it with following command:
/socket-binding-group=standard-sockets/socket-binding=https-external:add(port=443)
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket,value="https-external")
Also my blog posting looks similar so might be useful: http://www.nailedtothex.org/roller/kyle/entry/configuring-wildfly-as-a-standalone
-
2. Re: How to redirect http to https with port forwarding
goodlifester Feb 23, 2015 11:30 AM (in response to xkylex)Thanks for your suggestion, but it doesn't solve the problem I'm asking
The primary reason I need to do port forwarding from 443 to 8443 to begin with is to avoid having a listener on port 443( which would require running the JBoss process with ROOT privilege, not a good practice in a production environment ).
Anyone aware of a solution to this issue?
Thanks!
-
3. Re: How to redirect http to https with port forwarding
ctomc Feb 23, 2015 11:34 AM (in response to goodlifester)1 of 1 people found this helpfulWhat Kohei suggested is correct fix for this.
you will still have https-listener bound to 8443 but redirect-socket is set to 443.
What this does is that when server needs to redirect to secure site (transport=confidential) it will take configuration of redirect-socket to redirect to that port.
in suggested solution that would be 443. When redirect is send to the browser, browser will connect back to :443 where you proxy server is listening and forwarding requests to wildfly on 8443
-
4. Re: How to redirect http to https with port forwarding
goodlifester Feb 23, 2015 11:55 AM (in response to ctomc)Thanks very much Tomaz for the clarification, and thank you Kohei for the solution, it actually IS the correct solution. What I missed that I don't need a https-listener referencing socket-binding 443.