#StackBounty: #ssl #tomcat #redirect #apache2 #lets-encrypt modern installation of Tomcat with SSL on port 443

Bounty: 50

In the computer course I’m writing I’m using Tomcat for the server. (Students learn how to set up CentOS and everything from scratch. Currently the course has them using Tomcat running on port 8080.) I’m going back to write the section on security. I want students to learn to set up their web server to use SSL/TLS on port 443, with HTTP port 80 redirecting to HTTPS port 443. This should be a very basic, fundamental configuration, no?

The last time I did this myself was about 10 or 15 years ago, when I compiled Apache myself and put it in front of Tomcat using whatever connectors (I’ll have to go look at my configuration from back then), purchasing outrageously priced SSL certificates and installing them manually. How I’m sure things are greatly improved. Recently I’ve set up Apache (I didn’t have to compile it) hosting static pages directly, and using Let’s Encrypt (once I figured out what I should be doing) for SSL was a breeze. It’s working nicely. So I assume I’d want to use Let’s Encrypt in whatever solution I prescribe to the students.

So what is the best practice, straightforward, and simple setup for Tomcat with SSL on port 443 (preferably using Let’s Encrypt) with HTTP port 80 forwarding to HTTPS port 443? Do I still need to stick Apache (or Nginx?) in front of it? (The last I checked, letting Tomcat use lower port numbers was a pain, and nobody seemed to know an easy, straightforward way to do it.)

Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.