I have a webapp running on http://my-domain:8080/myapp
without ssl. The webapp is public so everyone can access this site. I want to use SSL.
Of course I can configure tomcat to use a ssl certificate. Since this seems to be a mess with auto-renewal and restart the server, I searched for a different idea.
I would like to use my already existing Apache and configure a reverse proxy to redirect all request from http://myapp.my-domain:80/
to http://myapp.my-domain:443/
and from this to tomcat http://localhost:8080/myapp
. Then I configure tomcat to only accept connections on localhost.
Is this a save way to do this?
The setup you described is exactly what we have been running for 15+ years now without problems. So, my answer to your question is 'Yes'. That said, I'm not a IT security expert. My opinion is solely based on the experience from our setup.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.