Tomcat from 8443 to 443

In unix systems the use of ports under 1024 usually requires special permissions or rights.

Your Tomcat works with port 8443 because it is not in the "protected" port range.

Of course first step is to change the port to 443 in your Tomcat's server.xml.

Solving using Authbind

One way to allow Tomcat to use 443 or 80 ports is to use Authbind

authbind allows a program which does not or should not run as root to bind to low-numbered ports in a controlled way.

Lower than 1024 ports have to be enabled in: /etc/default/tomcat8. Add the following line:

AUTHBIND=true

And create a new file for this:

sudo touch /etc/authbind/byport/443
sudo chown tomcat8 /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443

Solving using setcap

Another way to solve this is to allow an executable binary to bind to the restricted ports which can be enabled by using the setcap unix command:

sudo setcap cap_net_bind_service=+ep /path/to/binary

Solution that worked for me: redirect 443 requests to 8443.

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443

Use (/sbin/)iptables-save (as root) to make changes permanent.

Tags:

Java

Ssl

Tomcat

Tomcat7

Tomcat8

Recent Posts