i don’t know if we can do that with cloudfare, but when a user type
i would like that go directly to https…
I have a web application on ovh who use spring boot (tomcat port 8080).
on the ovh server i do
in Cloudflare, ssl is set to flexible
setup in Cloudflare
is it possible to do what i want with Cloudflare?
In which case you have a security issue to begin with. You first need to secure your server.
Unencrypted & unverified connections
Imagine you open Paypal and suddenly get that warning
Would you continue? Probably not. For decades leaders in IT security have advocated that people upgrade their sites from unencrypted HTTP to secure HTTPS. And for a reason, everything you send via an HTTP connection is sent in plain text and can be intercepted at any point between you and the server.
Equally, you’d probably not proceed if you got such a warning, right?
That’s when th…
For your use case
Apache Tomcat 10 (10.0.21) - SSL/TLS Configuration How-To.
Or you put Apache in front of it and handle SSL there.
spring boot 2.6x use tomcat 9… is there any info to setup it with Cloudflare?
Just check out the documentation for version 9, I am sure there’ll be a similar part covering SSL. And if you put Apache in front, that does not even matter, as Apache is compatible with all versions.
do i need to use Origin server certificate or client certificate from Cloudflare (ssl/tls)?
You need an Origin certificate or any other publicly trusted certificate.
You do not need a client certificate, as that would be only for client authentication, which you do not need for SSL.
So have you configured the certificate now?
spring boot application with ssl use 8443 port
sudo firewall-offline-cmd --add-forward-port=port=80:proto=tcp:toport=8443
sudo firewall-offline-cmd --add-forward-port=port=443:proto=tcp:toport=8443
sudo firewall-cmd --reload
i followed step here
just get the same issue…
if i put SSL/TLS encryption mode is Full
Full is not secure either. You really need to get this working on Full Strict.
You just need to configure the right certificate, right now you have an invalid one.
i understand what you say, but it’s not very clear how to get a valid one
That’s covered by the article I posted in the very first response, plus as I mentioned you can use any publicly trusted certificate.
spring boot use tomcat… but configuring directly tomcat is not the way to go with this framework.
convention over configuration…
we need to set only a few value in the config value
Well, how you get the certificate configured is something for whatever tool you are using and that would be beyond the scope of the forum here.
The bottom line is, whatever server you are using, you need to make sure it is properly configured for SSL.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.