Tomcat from 8443 to 443
In unix systems the use of ports under 1024 usually requires special permissions or rights.
Your Tomcat works with port 8443
because it is not in the "protected" port range.
Of course first step is to change the port to 443
in your Tomcat's server.xml
.
Solving using Authbind
One way to allow Tomcat to use 443 or 80 ports is to use Authbind
authbind allows a program which does not or should not run as root to bind to low-numbered ports in a controlled way.
Lower than 1024 ports have to be enabled in: /etc/default/tomcat8
. Add the following line:
AUTHBIND=true
And create a new file for this:
sudo touch /etc/authbind/byport/443
sudo chown tomcat8 /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443
Solving using setcap
Another way to solve this is to allow an executable binary to bind to the restricted ports which can be enabled by using the setcap
unix command:
sudo setcap cap_net_bind_service=+ep /path/to/binary
Solution that worked for me: redirect 443 requests to 8443.
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
Use (/sbin/
)iptables-save
(as root) to make changes permanent.