Open in app

Sign in

Write

Sign in

Port 80 to 443 Redirection

Parag Patil
3 min readAug 9, 2023

If you want to handle the HTTP to HTTPS redirection at the Spring Boot level, especially when using an embedded container like Tomcat, you can follow the steps below. This assumes that you have a Spring Boot application with an embedded Tomcat server.

Include the required dependencies:

If you haven’t added Spring Security, add it as it simplifies the HTTPS configuration:

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>

Configure SSL for the embedded Tomcat:

In your application.properties or application.yml:

server.port=443
server.ssl.key-store=classpath:keystore.jks
server.ssl.key-store-password=yourpassword
server.ssl.key-store-type=jks

Replace keystore.jks with the path to your keystore and yourpassword with the password for your keystore. You might also need other properties if you're using a truststore or if you want to specify the key alias and password.

Add a Tomcat connector for HTTP and redirect to HTTPS:

You’ll have to create an additional Tomcat connector that listens to HTTP requests and redirects them to HTTPS.

@Configuration
public class ServerConfig {

@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint(“CONFIDENTIAL”);
SecurityCollection collection = new SecurityCollection();
collection.addPattern(“/*”);
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}

private Connector redirectConnector() {
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme(“http”);
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(443);
return connector;
}
}

This configuration instructs the embedded Tomcat server to listen on port 443 for HTTPS requests and on port 80 for HTTP requests. All incoming HTTP traffic on port 80 will be redirected to HTTPS on port 443.

Ensure Spring Security is set up to require HTTPS:

If you’re using Spring Security, you can ensure HTTPS is used for all requests:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
protected void configure(HttpSecurity http) throws Exception {
http
.requiresChannel()
.anyRequest()
.requiresSecure();

// … other security configurations
}
}

With these configurations, your Spring Boot application will handle the redirection from HTTP to HTTPS at the application level. Ensure to test the changes in a safe environment before deploying to production.

Alternative

If you want to redirect all traffic from HTTP (port 80) to HTTPS (port 443) by default, you often handle this at the level of the web server or reverse proxy in front of your application. Here’s how you can do this in a couple of common web servers:

Using Nginx:

With Nginx, you can set up a server block to listen on port 80 and then redirect all incoming requests to HTTPS on port 443.

server {
listen 80;
server_name yourdomain.com www.yourdomain.com;

location / {
return 301 https://$host$request_uri;
}
}

server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;

# SSL configuration here

location / {
proxy_pass http://localhost:8080; # Or wherever your Spring Boot app is running
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# other proxy settings…
}
}

Using Apache HTTP Server (with mod_rewrite):

If you’re using Apache, you can leverage mod_rewrite to handle the redirection:

First, make sure the mod_rewrite module is enabled:

a2enmod rewrite

Then, in your Apache config or .htaccess file:

<VirtualHost *:80>
ServerName yourdomain.com
Redirect / https://yourdomain.com/
</VirtualHost>

<VirtualHost *:443>
ServerName yourdomain.com

# SSL configuration here

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>

AWS Elastic Load Balancer (ELB):

If you’re deploying your application on AWS and using Elastic Load Balancer, you can set up listeners:

  • A listener for HTTP (port 80) which forwards to HTTPS (port 443).
  • Another listener for HTTPS (port 443) which forwards to your target group (e.g., your Spring Boot application).

This can be done via the AWS Management Console, AWS CLI, or Infrastructure as Code tools like AWS CloudFormation or Terraform.

--

--

Parag Patil

Written by Parag Patil

26 Followers

CTO @ Nucsoft Ltd

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams