Redirecting HTTP to HTTPS

This procedure describes how to change the Tomcat configuration to automatically redirect HTTP to HTTPS. This is an optional procedure to enhance security.

NOTE: A connector with the redirect rule must exist in the server.xml file, as follows:

<Connector port="18080" protocol="HTTP/1.1"

connectionTimeout="20000"

redirectPort="8443" />

***port (redirect from)= <HTTP_PORT> ; redirectPort (redirect to)=<HTTPS_PORT>

To redirect HTTP to HTTPS:

1. Navigate to the following directory:
   • Windows: <EM_HOME>\emweb\tomcat\conf
   • UNIX: <EM_HOME>/etc/emweb/tomcat/conf
2. Open the web.xml file and add the following syntax to the <web-app> tag at the end of the file:

   <security-constraint>Na

   <web-resource-collection>

   <web-resource-name>Redirect Application</web-resource-name>

   <url-pattern>/*</url-pattern>

   </web-resource-collection>

   <user-data-constraint>

   <transport-guarantee>CONFIDENTIAL</transport-guarantee>

   </user-data-constraint>

   </security-constraint>

3. Recycle the Web Server.