element.
For each connector, verify the secure= flag is set to "true" and the scheme= flag is set to "https" on each connector.
If the secure flag is not set to "true" and/or the scheme flag is not set to "https" for each HTTP connector element, this is a finding.
Fix Text (F-24596r426250_fix) |
---|
From the Tomcat server as a privileged user, edit the server.xml file. sudo nano $CATALINA_BASE/conf/server.xml. Locate each EXAMPLE Connector: redirectPort="443" /> Set or add scheme="https" and secure="true" for each HTTP connector element. EXAMPLE: Save the server.xml file and restart Tomcat: sudo systemctl restart tomcat sudo systemctl reload-daemon |