https://bz.apache.org/bugzilla/show_bug.cgi?id=59779
--- Comment #6 from NateC <apa...@neworld.us> --- (In reply to Mark Thomas from comment #5) > (In reply to NateC from comment #4) > > > This configuration is being used behind a load balancer performing SSL > > offloading. Looking at the connector doc, > > https://tomcat.apache.org/tomcat-7.0-doc/config/http.html it looks like this > > should work based on this description. > > It does work. > > You can't have the reverse proxy passing both http and https traffic from > the client to that connector. The Connector attributes secure="true" and > scheme="https" tell Tomcat that ALL traffic received by that Connector was > sent, by the client, over https. If that isn't the case, stuff will break. The reverse proxy is not passing both http and https to the connector just http, but the client is sending https to the reverse proxy. Client -(https)-> Load Balancer -(http)-> Tomcat Secure and https need to be set so that Tomcat responds correctly to the client that data was encrypted because that is how the client thinks it is communicating to the server and why absolute redirects were needed. As described in these examples: http://www.invantive.com/about-invantive/news/entryid/897/ssl-offloading-for-apache-tomcat http://www.gattis.org/Work-and-Tech/communication-and-collaboration/web-technology/tomcat/tomcat-ssl-offloading Because these are not apache docs this might have been an unsupported feature. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
