Setting up Tomcat https/ssl


Robert Erdt

May 11, 2018, 2:03:32 PM
to gce-discussion
Hi!

Does anyone know how to set up SSL/HTTPS on GCE using Tomcat?

I have tried using ports 80 and 8443 through the load balancer. At times I would see my certificate in the browser. I have never seen a connection to 8443, but I see the listener. I am totally at a loss.

Thanks in advance.

Robert Erdt

May 12, 2018, 1:48:21 PM
to gce-discussion
So, if I were to say I just configured my DNS to fix my concern, well I did, but that was only part of the problem.

The BIGGEST assumption I made was that Tomcat needed a JKS to validate my certificates on port 8443. This is wrong. In fact, I believe it's not even communicating on 8443 behind the firewall.

Here Chandan Kumar gives a great explanation of how the Load Balancer works -


This also works with Tomcat; you are not putting port 8443 to work at all.

The problem is that Google's instructions say to use an IPv6 address for the HTTPS connection on the front end. THAT'S THE PROBLEM.

You need to configure your front end to accept BOTH 443 and 80 on both IPv4 and IPv6 static addresses. MY COMPANY'S proxy will not resolve the IP addresses the way Google wants them to, and in fact blocks one of them. Who knew.

Keep the health check at port 80. This will always return a positive health check.

DON'T set up a security constraint in your web.xml to accept only SSL; your health check will fail. You will need to create a filter in your application that will send the servlet or page back to the https scheme. This assumes you change server.xml to have a default application, most likely.

Use OpenSSL to create or recreate your certificate, so you can have your private key. I used GoDaddy for my SSL CA.

I hope some of my notes help.

Rob