Reblog : Apache Tomcat with SSL behind Amazon ELB

Note: This is a reblog of the following link, for my personal bookkeeping.

Rahul Verma
Aug 21, 2017 · 1 min read

One popular AWS EC2 cluster configuration for serving secure REST APIs terminates the SSL connection at the ELB, while all communication between the ELB and the EC2 instances uses HTTP. This works well as long as no redirection is involved. Where redirection is involved, however, the client gets redirected to an insecure connection, which may not work. One such scenario is an OAuth server.

To solve this issue, make the following changes to the Connector in Apache Tomcat's server.xml file:

<Connector
    port="8080"
    protocol="HTTP/1.1"
    proxyPort="443"
    scheme="https"
    secure="true"
    proxyName="myapp.example.com"
    connectionTimeout="20000"
    URIEncoding="UTF-8"
    redirectPort="8443" />
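
A way to check a server.xml against the connector settings above, as an added example that is not part of the original post. The sample XML, the port 8081 connector, the function names and the redirect model (a simplification of how Tomcat builds an absolute redirect from scheme, proxyName and proxyPort) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a stock HTTP connector (port 8081 is made up) next to
# the connector from this page.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8081" protocol="HTTP/1.1"
             connectionTimeout="20000" redirectPort="8443" />
  <Connector port="8080" protocol="HTTP/1.1" proxyPort="443" scheme="https"
             secure="true" proxyName="myapp.example.com"
             connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" />
</Service></Server>"""

DEFAULT_PORT = {"http": "80", "https": "443"}


def redirect_base(conn):
    """Simplified model of the origin Tomcat writes into an absolute redirect."""
    scheme = conn.get("scheme", "http")          # Tomcat's default scheme is "http"
    host = conn.get("proxyName")
    if host is None:
        return f"{scheme}://<Host header>"       # name and port come from the request
    port = conn.get("proxyPort")
    if port is None or port == DEFAULT_PORT.get(scheme):
        return f"{scheme}://{host}"              # default port is left out of the URL
    return f"{scheme}://{host}:{port}"


def audit(server_xml, external_port="443"):
    """Check each HTTP connector against the TLS-terminated-at-ELB settings."""
    report = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("protocol", "HTTP/1.1").upper().startswith("AJP"):
            continue                             # AJP connectors are out of scope here
        findings = []
        if conn.get("scheme", "http") != "https":
            findings.append("scheme is not https: redirects point at http://")
        if conn.get("secure", "false") != "true":
            findings.append("secure is not true: request.isSecure() returns false")
        if conn.get("proxyPort") != external_port:
            findings.append(f"proxyPort is not {external_port}")
        if conn.get("proxyName") is None:
            findings.append("proxyName unset: host is taken from the Host header")
        report.append({"port": conn.get("port"),
                       "redirect_base": redirect_base(conn),
                       "findings": findings})
    return report


if __name__ == "__main__":
    for entry in audit(SAMPLE_SERVER_XML):
        print(entry["port"], entry["redirect_base"], entry["findings"] or "OK")
```

Because secure="true" makes Tomcat report every request on this plain-HTTP connector as secure, port 8080 should accept traffic only from the ELB, for example through the instance security group.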
