Tomcat from 8443 to 443
Solution 1
In unix systems the use of ports under 1024 usually requires special permissions or rights.
Your Tomcat works with port 8443 because it is not in the "protected" port range.
Of course, the first step is to change the port to 443 in your Tomcat's server.xml.
Solving using Authbind
One way to allow Tomcat to use ports 443 or 80 is to use Authbind. authbind allows a program which does not or should not run as root to bind to low-numbered ports in a controlled way.
Ports lower than 1024 have to be enabled in /etc/default/tomcat8. Add the following line:
AUTHBIND=true
And create a new file for this:
sudo touch /etc/authbind/byport/443
sudo chown tomcat8 /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443
Solving using setcap
Another way to solve this is to allow an executable binary to bind to the restricted ports, which can be enabled by using the setcap Unix command:
sudo setcap cap_net_bind_service=+ep /path/to/binary
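The authbind setup in Solution 1 can be audited with a small check, given here as an added example that is not part of the original answer. authbind authorises a bind when the calling user has execute permission on the byport file, so the function below (hypothetical name check_authbind_port, GNU stat assumed) fails when the owner is wrong, the owner lacks the execute bit, or group/other also hold it.

```shell
#!/bin/sh
# Added example: audit an authbind byport entry (GNU stat assumed).
# authbind authorises a bind when the calling user has execute
# permission on <dir>/<port>, so stray x bits widen who may bind.

# check_authbind_port DIR PORT OWNER
#   DIR   - byport directory (/etc/authbind/byport on the page)
#   PORT  - port number, e.g. 443
#   OWNER - service account name or numeric UID (tomcat8 on the page)
# Returns 0 when only OWNER can bind, 1 otherwise.
check_authbind_port() {
    dir=$1 port=$2 owner=$3
    file="$dir/$port"
    rc=0

    if [ ! -f "$file" ]; then
        echo "FAIL: $file does not exist"
        return 1
    fi

    # Accept a numeric UID as-is, otherwise resolve the account name.
    case $owner in
        ''|*[!0-9]*) want_uid=$(id -u "$owner" 2>/dev/null) || {
                         echo "FAIL: unknown user $owner"; return 1; } ;;
        *)           want_uid=$owner ;;
    esac

    have_uid=$(stat -c %u "$file")
    mode=$(stat -c %a "$file")

    if [ "$have_uid" != "$want_uid" ]; then
        echo "FAIL: $file owned by uid $have_uid, expected $want_uid"
        rc=1
    fi
    if [ $(( 0$mode & 0100 )) -eq 0 ]; then
        echo "FAIL: owner lacks execute bit (mode $mode), bind will be refused"
        rc=1
    fi
    if [ $(( 0$mode & 0011 )) -ne 0 ]; then
        echo "FAIL: group/other execute bit set (mode $mode), other users may bind"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $file mode $mode, uid $have_uid"
    return "$rc"
}
```

For the setup on this page the call would be: check_authbind_port /etc/authbind/byport 443 tomcat8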
Solution 2
Solution that worked for me: redirect 443 requests to 8443.
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
Use (/sbin/)iptables-save (as root) to make changes permanent.
Solution 3
PREROUTING was not working for me. I successfully achieved that with:
sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 443 -j REDIRECT --to 8443
sudo /sbin/iptables-save (to make it permanent)
grep
Updated on July 09, 2022
grep almost 2 years
I have a Spring MVC web application started on Tomcat 8.
I have created certificates for SSL authorization. I have this config in server.xml:
<Connector SSLEnabled="true" keystoreFile="ks.p12" keystoreType="pkcs12" keystorePass="*****" port="8443" scheme="https" secure="true" sslProtocol="TLS"/>
Ok. Now everything works well!
BUT how to start the server on port 443? When I try to open https://dev-sp.ge/ it gives me the message "This webpage is not available"