Apache HTTPS redirect to Tomcat web folder

https apache-2.2 ssl tomcat mod-ssl

I have configured my server to use httpd as proxy and Tomcat for deploying and running application. I use Apache httpd as proxy to redirect all request to port 80 and to the directory of tomcat where my web application files are located: /usr/share/tomcat/webapps/website.

The proxy lines that redirects to http://localhost:8080/website works for me, but when I tried to use HTTPS by adding additional lines like:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

then it just redirects to directory of Apache that is located in /var/www/html with default Apache httpd page.

This are my configurations in my conf.file:

<VirtualHost *:80>
    ServerName website.com
    ServerAlias www.website.com
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    DocumentRoot /usr/share/tomcat/webapps/website/
    ProxyRequests off
    ProxyPreserveHost On
    ProxyPass / http://website.com:8080/website/
    ProxyPassReverse / http://website.com:8080/website/
</VirtualHost>

<VirtualHost _default_:443>
    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    LogLevel warn
    SSLEngine on
    SSLProtocol -all +TLSv1.3 +TLSv1.2
    SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:prime256v1
    SSLHonorCipherOrder on
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM
    SSLCertificateFile /etc/pki/tls/certs/domein.crt
    SSLCertificateKeyFile /etc/pki/tls/private/domein-demo.key
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/var/www/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-5]" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
</VirtualHost>

The results that I get is

Forbidden
You don't have permission to access this resource.

I have already tried giving permissions to Apache to directory of Tomcat with sudo chown apache:apache /usr/share/webapps/website.


When you're doing this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

You're redirecting all requests that's not HTTPS to its HTTPS counterpart, and HTTPS requests are handled by <VirtualHost _default_:443> configurations instead of <VirtualHost *:80>. Try copying or moving these configurations:

ProxyRequests off
ProxyPreserveHost On
ProxyPass / http://website.com:8080/website/
ProxyPassReverse / http://website.com:8080/website/

from <VirtualHost *:80> configuration block to <VirtualHost _default_:443>.

Related

SELinux setup for MongoDB
How to install "Minimal Ubuntu" onto virtual machine
Script without put ran as administrator leaves no file [closed]
Need new GLIBC on Centos 6 to use PyTorch on GPUs
Trying to auto-register a Nagios NSCA client
Adjust frequency of Windows Time sync
Private Google Kubernetes cluster can't download images from Google Container Engine
How to configure log rotate to compress and archive logs weekly [closed]
Removing non-present hardware with Devcon?
Kubernetes API-server wont' start after reboot
WinPE/Wim imaging - Boot issue after imaging, require reboot after to fix MBR
can a container have a higher resource demain than an individual node