[In order not to use any registered domains let's use site1.example.net
and site2.example.com
], which are reserved for documentation purposes.]
Redirection from HTTPS to HTTP works just the same as redirection from HTTP to HTTPS with a twitch: when a client opens https://site1.example.net
, the server must present a trusted TLS certificate for site1.example.net
before any redirection is possible. Failing to do that will result in a security warning in the browser. I would use a Let's Encrypt certificate for that.
Otherwise you just need to configure two <Host>
s in your <Engine>
and two <Certificate>
s in your <Connector>
. Your site1.example.com
host needs a RewriteValve
to perform the redirect:
<Service name="Catalina">
<!-- HTTP connector -->
<Connector port="80" redirectPort="443"/>
<!-- HTTPS connector -->
<!-- If the client does not use SNI it ends up with site1.example.net certificate -->
<Connector port="443" SSLEnabled="true" scheme="https" secure="true"
defaultSSLHostConfigName="site1.example.net">
<SSLHostConfig hostName="site1.example.net">
<Certificate certificateFile="conf/site1.example.net.crt" certificateKeyFile="conf/site1.example.net.key" />
</SSLHostConfig>
<SSLHostConfig hostName="site2.example.com">
<Certificate certificateFile="conf/site2.example.com.crt" certificateKeyFile="conf/site2.example.com.key" />
</SSLHostConfig>
</Connector>
<!-- If a client doesn't send a Host: header or puts the IP in the Host: header it ends up on site1.example.net -->
<Engine defaultHost="site1.example.net" name="Catalina">
<Host appBase="webapps/site2.example.com" name="site2.example.com">
...
</Host>
<Host appBase="webapps/site1.example.net" name="site1.example.net">
<!-- We need it for the redirect -->
<Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
</Host>
</Engine>
</Service>
In order to configure the RewriteValve
you just need to create a file conf/Catalina/site1.example.net/rewrite.config
with content
# If the client connected through HTTPS
RewriteCond %{HTTPS} on
# Temporarily redirect to the HTTP version
RewriteRule ^ http://site1.example.net%{REQUEST_PATH} [R,L]