Spring boot Disable response when https port is hit with http request
up vote
2
down vote
favorite
I have a spring boot application in which tomcat is listening on port 8000 over HTTPS. However, when port 8000 is hit with plain http request, the server responds with http 400.
Bad Request
This combination of host and port requires TLS.
Is there a way to prevent this? I don't want server to send any response when http://localhost:8000 is requested. Spring boot and tomcat versions are as below:
sprint-boot v2.0.0.RELEASE
tomcat v8.5.28
Update: application.properties is as below
server.port=8000
server.ssl.enabled=true
server.ssl.key-alias=alias
server.ssl.key-store=classpath:key.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=<password>
server.ssl.key-password=<password>
spring spring-boot ssl tomcat8
add a comment |
up vote
2
down vote
favorite
I have a spring boot application in which tomcat is listening on port 8000 over HTTPS. However, when port 8000 is hit with plain http request, the server responds with http 400.
Bad Request
This combination of host and port requires TLS.
Is there a way to prevent this? I don't want server to send any response when http://localhost:8000 is requested. Spring boot and tomcat versions are as below:
sprint-boot v2.0.0.RELEASE
tomcat v8.5.28
Update: application.properties is as below
server.port=8000
server.ssl.enabled=true
server.ssl.key-alias=alias
server.ssl.key-store=classpath:key.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=<password>
server.ssl.key-password=<password>
spring spring-boot ssl tomcat8
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
I just want to send no response.
– Manish
Nov 9 at 6:17
add a comment |
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I have a spring boot application in which tomcat is listening on port 8000 over HTTPS. However, when port 8000 is hit with plain http request, the server responds with http 400.
Bad Request
This combination of host and port requires TLS.
Is there a way to prevent this? I don't want server to send any response when http://localhost:8000 is requested. Spring boot and tomcat versions are as below:
sprint-boot v2.0.0.RELEASE
tomcat v8.5.28
Update: application.properties is as below
server.port=8000
server.ssl.enabled=true
server.ssl.key-alias=alias
server.ssl.key-store=classpath:key.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=<password>
server.ssl.key-password=<password>
spring spring-boot ssl tomcat8
I have a spring boot application in which tomcat is listening on port 8000 over HTTPS. However, when port 8000 is hit with plain http request, the server responds with http 400.
Bad Request
This combination of host and port requires TLS.
Is there a way to prevent this? I don't want server to send any response when http://localhost:8000 is requested. Spring boot and tomcat versions are as below:
sprint-boot v2.0.0.RELEASE
tomcat v8.5.28
Update: application.properties is as below
server.port=8000
server.ssl.enabled=true
server.ssl.key-alias=alias
server.ssl.key-store=classpath:key.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=<password>
server.ssl.key-password=<password>
spring spring-boot ssl tomcat8
spring spring-boot ssl tomcat8
edited Nov 9 at 3:25
asked Nov 9 at 2:08
Manish
5311720
5311720
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
I just want to send no response.
– Manish
Nov 9 at 6:17
add a comment |
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
I just want to send no response.
– Manish
Nov 9 at 6:17
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
I just want to send no response.
– Manish
Nov 9 at 6:17
I just want to send no response.
– Manish
Nov 9 at 6:17
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53218852%2fspring-boot-disable-response-when-https-port-is-hit-with-http-request%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Can you please provide code to support your question? Your spring security configuration file to start with.
– Prashant
Nov 9 at 3:09
@Prashant I have added my application.properties files contents in the question. Spring security is not being used and is not required anyways.
– Manish
Nov 9 at 3:26
What would you expect to happen when callers hit localhost:8000? For example, wouldn't you want a HTTP status code back? Also, I'm assuming you are testing with embedded tomcat in your spring boot app. Let us know.
– Arun Patra
Nov 9 at 6:16
I just want to send no response.
– Manish
Nov 9 at 6:17