java Tomcat from 8443 to 443

Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow original: http://stackoverflow.com/questions/25743718/

Date: 2020-11-02 08:36:14  Source: igfitidea

Tomcat from 8443 to 443

java tomcat ssl tomcat7 tomcat8

Asked by grep

I have a Spring MVC web application started on Tomcat 8.

I have created certificates for SSL authorization. I have such a config in server.xml:

<Connector SSLEnabled="true" 
  keystoreFile="ks.p12" 
  keystoreType="pkcs12" 
  keystorePass="*****"
  port="8443"
  scheme="https"
  secure="true" 
  sslProtocol="TLS"/> 

OK. Now everything works well!

But how do I start the server on port 443? When I try to open https://dev-sp.ge/ it gives me the message "This webpage is not available".

Answered by icza

In Unix systems the use of ports under 1024 usually requires special permissions or rights.

Your Tomcat works with port 8443 because it is not in the "protected" port range.

Of course, the first step is to change the port to 443 in your Tomcat's server.xml.

One way to allow Tomcat to use ports 443 or 80 is to use Authbind:

authbind allows a program which does not or should not run as root to bind to low-numbered ports in a controlled way.

Ports lower than 1024 have to be enabled in /etc/default/tomcat8. Add the following line:

AUTHBIND=true

And create a new file for this:

sudo touch /etc/authbind/byport/443
sudo chown tomcat8 /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443
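
The authbind setup from the answer above can be audited with a short script. This is an added example, not part of the original answer: the function name `check_authbind` and its exit codes are hypothetical, and it assumes a Linux host with GNU or BusyBox `stat`.

```sh
#!/bin/sh
# Added example (not from the original answer). Assumes GNU/BusyBox stat.
# check_authbind BYPORT_DIR PORT USER DEFAULTS_FILE
# Exit status: 0 ok, 1 entry missing, 2 wrong owner, 3 owner cannot execute,
# 4 group/other have access, 5 AUTHBIND=true not set in DEFAULTS_FILE.
check_authbind() {
    ab_file="$1/$2"
    if [ ! -f "$ab_file" ]; then
        echo "FAIL: $ab_file does not exist"; return 1
    fi
    ab_owner=$(stat -c '%U' "$ab_file")
    ab_mode=$(stat -c '%a' "$ab_file")      # octal string, e.g. 500
    if [ "$ab_owner" != "$3" ]; then
        echo "FAIL: $ab_file is owned by $ab_owner, expected $3"; return 2
    fi
    # The byport mechanism authorizes the bind when the calling user may
    # execute the entry: the owner digit (third from the right) must be odd.
    case "$ab_mode" in
        *[1357]??) ;;
        *) echo "FAIL: mode $ab_mode gives $3 no execute bit"; return 3 ;;
    esac
    # Any bit granted to group/other lets additional accounts bind the port.
    case "$ab_mode" in
        *00) ;;
        *) echo "FAIL: mode $ab_mode grants access beyond the owner"; return 4 ;;
    esac
    if ! grep -q '^AUTHBIND=true' "$4" 2>/dev/null; then
        echo "FAIL: AUTHBIND=true not set in $4"; return 5
    fi
    echo "OK: $3 may bind port $2 via authbind"
}

# Constructed demo in a scratch directory (no root needed). On a real host,
# pass /etc/authbind/byport, 443, tomcat8 and /etc/default/tomcat8 instead.
demo=$(mktemp -d)
printf 'AUTHBIND=true\n' > "$demo/tomcat8"
touch "$demo/443" && chmod 500 "$demo/443"
check_authbind "$demo" 443 "$(id -un)" "$demo/tomcat8"
rm -rf "$demo"
```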

Answered by chlarno

Solution that worked for me: redirect 443 requests to 8443.

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
sudo /sbin/iptables-save

Answered by Robert Moszczynski

Requires MacOSX >= Yosemite.

Add:

echo "
rdr pass inet proto tcp from my-domain.com to my-domain.com port 443 -> 127.0.0.1 port 9443
" | sudo pfctl -ef -

Or:

echo "
rdr pass inet proto tcp from any to any port 443 -> 127.0.0.1 port 9443
" | sudo pfctl -ef -

List:

sudo pfctl -s nat

Remove:

sudo pfctl -F all -f /etc/pf.conf

https://salferrarello.com/mac-pfctl-port-forwarding/

Answered by Vincenzo Cerbone

PREROUTING was not working for me. I successfully achieved that with:

sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 443 -j REDIRECT --to 8443

sudo /sbin/iptables-save (to make it permanent)

Answered by Phantom

I'd like to add something more to @icza's answer (since I'm new I cannot post comments).

If you are running the Tomcat server inside Eclipse, use

authbind --deep ./eclipse

Because Eclipse does not care about authbind otherwise.