Making https default for GAE java application with domain on NameSilo





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















I spent considerable time and figured out most parts but I am stuck at the last piece. I have a GAE java web application with domain from Namesilo, I enabled https by enabling managed security and now I am able to access the domain with https:// and http://.



Like all applications on net today and for SEO boost, I would like to make https default option for my domain/application.



I have tried doing 301 permanent forwarding in Namesilo to https://. However that is overriding the CNAME and A records in Namesilo and also, the forwarding to https is not working. I am not able to find much material on the net about this.



Can anyone please help or provide pointers on how to make https default for GAE java app with Namesilo domain.










share|improve this question























  • standard or flex environment?

    – Dan Cornilescu
    Nov 24 '18 at 17:20











  • @Dan it is standard environment, auto scaling

    – Karthik
    Nov 24 '18 at 17:25


















0















I spent considerable time and figured out most parts but I am stuck at the last piece. I have a GAE java web application with domain from Namesilo, I enabled https by enabling managed security and now I am able to access the domain with https:// and http://.



Like all applications on net today and for SEO boost, I would like to make https default option for my domain/application.



I have tried doing 301 permanent forwarding in Namesilo to https://. However that is overriding the CNAME and A records in Namesilo and also, the forwarding to https is not working. I am not able to find much material on the net about this.



Can anyone please help or provide pointers on how to make https default for GAE java app with Namesilo domain.










share|improve this question























  • standard or flex environment?

    – Dan Cornilescu
    Nov 24 '18 at 17:20











  • @Dan it is standard environment, auto scaling

    – Karthik
    Nov 24 '18 at 17:25














0












0








0








I spent considerable time and figured out most parts but I am stuck at the last piece. I have a GAE java web application with domain from Namesilo, I enabled https by enabling managed security and now I am able to access the domain with https:// and http://.



Like all applications on net today and for SEO boost, I would like to make https default option for my domain/application.



I have tried doing 301 permanent forwarding in Namesilo to https://. However that is overriding the CNAME and A records in Namesilo and also, the forwarding to https is not working. I am not able to find much material on the net about this.



Can anyone please help or provide pointers on how to make https default for GAE java app with Namesilo domain.










share|improve this question














I spent considerable time and figured out most parts but I am stuck at the last piece. I have a GAE java web application with domain from Namesilo, I enabled https by enabling managed security and now I am able to access the domain with https:// and http://.



Like all applications on net today and for SEO boost, I would like to make https default option for my domain/application.



I have tried doing 301 permanent forwarding in Namesilo to https://. However that is overriding the CNAME and A records in Namesilo and also, the forwarding to https is not working. I am not able to find much material on the net about this.



Can anyone please help or provide pointers on how to make https default for GAE java app with Namesilo domain.







google-app-engine https






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 24 '18 at 17:13









KarthikKarthik

170312




170312













  • standard or flex environment?

    – Dan Cornilescu
    Nov 24 '18 at 17:20











  • @Dan it is standard environment, auto scaling

    – Karthik
    Nov 24 '18 at 17:25



















  • standard or flex environment?

    – Dan Cornilescu
    Nov 24 '18 at 17:20











  • @Dan it is standard environment, auto scaling

    – Karthik
    Nov 24 '18 at 17:25

















standard or flex environment?

– Dan Cornilescu
Nov 24 '18 at 17:20





standard or flex environment?

– Dan Cornilescu
Nov 24 '18 at 17:20













@Dan it is standard environment, auto scaling

– Karthik
Nov 24 '18 at 17:25





@Dan it is standard environment, auto scaling

– Karthik
Nov 24 '18 at 17:25












2 Answers
2






active

oldest

votes


















1














In the standard environment you can use the <ssl-enabled> config option in the appengine-web.xml file to require HTTPS, which causes an automatic redirection. From Syntax:




<ssl-enabled>


Optional. By default, any user can access any URL using either HTTP or
HTTPS. You can configure an app to require HTTPS for certain URLs in
the deployment descriptor. See Deployment Descriptor: Secure
URLs.







share|improve this answer
























  • thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

    – Karthik
    Nov 24 '18 at 17:39











  • As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

    – Dan Cornilescu
    Nov 24 '18 at 17:43











  • I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

    – Karthik
    Nov 24 '18 at 18:01











  • Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

    – Dan Cornilescu
    Nov 24 '18 at 18:18






  • 1





    Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

    – Karthik
    Nov 24 '18 at 20:57





















1














Dan had pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…)



 <security-constraint>
<web-resource-collection>
<web-resource-name>HTTPS redirect</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>





share|improve this answer


























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53460557%2fmaking-https-default-for-gae-java-application-with-domain-on-namesilo%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    In the standard environment you can use the <ssl-enabled> config option in the appengine-web.xml file to require HTTPS, which causes an automatic redirection. From Syntax:




    <ssl-enabled>


    Optional. By default, any user can access any URL using either HTTP or
    HTTPS. You can configure an app to require HTTPS for certain URLs in
    the deployment descriptor. See Deployment Descriptor: Secure
    URLs.







    share|improve this answer
























    • thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

      – Karthik
      Nov 24 '18 at 17:39











    • As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

      – Dan Cornilescu
      Nov 24 '18 at 17:43











    • I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

      – Karthik
      Nov 24 '18 at 18:01











    • Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

      – Dan Cornilescu
      Nov 24 '18 at 18:18






    • 1





      Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

      – Karthik
      Nov 24 '18 at 20:57


















    1














    In the standard environment you can use the <ssl-enabled> config option in the appengine-web.xml file to require HTTPS, which causes an automatic redirection. From Syntax:




    <ssl-enabled>


    Optional. By default, any user can access any URL using either HTTP or
    HTTPS. You can configure an app to require HTTPS for certain URLs in
    the deployment descriptor. See Deployment Descriptor: Secure
    URLs.







    share|improve this answer
























    • thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

      – Karthik
      Nov 24 '18 at 17:39











    • As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

      – Dan Cornilescu
      Nov 24 '18 at 17:43











    • I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

      – Karthik
      Nov 24 '18 at 18:01











    • Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

      – Dan Cornilescu
      Nov 24 '18 at 18:18






    • 1





      Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

      – Karthik
      Nov 24 '18 at 20:57
















    1












    1








    1







    In the standard environment you can use the <ssl-enabled> config option in the appengine-web.xml file to require HTTPS, which causes an automatic redirection. From Syntax:




    <ssl-enabled>


    Optional. By default, any user can access any URL using either HTTP or
    HTTPS. You can configure an app to require HTTPS for certain URLs in
    the deployment descriptor. See Deployment Descriptor: Secure
    URLs.







    share|improve this answer













    In the standard environment you can use the <ssl-enabled> config option in the appengine-web.xml file to require HTTPS, which causes an automatic redirection. From Syntax:




    <ssl-enabled>


    Optional. By default, any user can access any URL using either HTTP or
    HTTPS. You can configure an app to require HTTPS for certain URLs in
    the deployment descriptor. See Deployment Descriptor: Secure
    URLs.








    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 24 '18 at 17:34









    Dan CornilescuDan Cornilescu

    30.2k113867




    30.2k113867













    • thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

      – Karthik
      Nov 24 '18 at 17:39











    • As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

      – Dan Cornilescu
      Nov 24 '18 at 17:43











    • I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

      – Karthik
      Nov 24 '18 at 18:01











    • Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

      – Dan Cornilescu
      Nov 24 '18 at 18:18






    • 1





      Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

      – Karthik
      Nov 24 '18 at 20:57





















    • thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

      – Karthik
      Nov 24 '18 at 17:39











    • As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

      – Dan Cornilescu
      Nov 24 '18 at 17:43











    • I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

      – Karthik
      Nov 24 '18 at 18:01











    • Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

      – Dan Cornilescu
      Nov 24 '18 at 18:18






    • 1





      Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

      – Karthik
      Nov 24 '18 at 20:57



















    thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

    – Karthik
    Nov 24 '18 at 17:39





    thank you, I will try this. Is this independent of setting in domain provider (Namesilo). Do I still need permanent forwarding in Namesilo setup along with this.

    – Karthik
    Nov 24 '18 at 17:39













    As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

    – Dan Cornilescu
    Nov 24 '18 at 17:43





    As long as both http and https work fine the domain settings no longer matter from this perspective, the config applies to appspot.com as well. The domain/ssl setting only matter to get https working.

    – Dan Cornilescu
    Nov 24 '18 at 17:43













    I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

    – Karthik
    Nov 24 '18 at 18:01





    I did this in app-engine-web.xml and redeployed. It works if I directly access appname.appspot.com but when I use domainName.com it is not redirecting to https, am I missing anything else.

    – Karthik
    Nov 24 '18 at 18:01













    Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

    – Dan Cornilescu
    Nov 24 '18 at 18:18





    Is domainName.com a naked domain or a host/subdomain? Does it resolve to ghs.google.com?

    – Dan Cornilescu
    Nov 24 '18 at 18:18




    1




    1





    Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

    – Karthik
    Nov 24 '18 at 20:57







    Dan, you pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…) - <security-constraint> <web-resource-collection> <web-resource-name>HTTPS redirect</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

    – Karthik
    Nov 24 '18 at 20:57















    1














    Dan had pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…)



     <security-constraint>
    <web-resource-collection>
    <web-resource-name>HTTPS redirect</web-resource-name>
    <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>





    share|improve this answer






























      1














      Dan had pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…)



       <security-constraint>
      <web-resource-collection>
      <web-resource-name>HTTPS redirect</web-resource-name>
      <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
      </security-constraint>





      share|improve this answer




























        1












        1








        1







        Dan had pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…)



         <security-constraint>
        <web-resource-collection>
        <web-resource-name>HTTPS redirect</web-resource-name>
        <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
        </security-constraint>





        share|improve this answer















        Dan had pointed me in the right direction. In addition to marking ssl-enabled to true, I had to set the security-constraint in web.xml also as below from one of the other StackOverflow answers (stackoverflow.com/questions/5367974/…)



         <security-constraint>
        <web-resource-collection>
        <web-resource-name>HTTPS redirect</web-resource-name>
        <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
        </security-constraint>






        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 25 '18 at 3:57

























        answered Nov 25 '18 at 0:37









        KarthikKarthik

        170312




        170312






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53460557%2fmaking-https-default-for-gae-java-application-with-domain-on-namesilo%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            這個網誌中的熱門文章

            Xamarin.form Move up view when keyboard appear

            Post-Redirect-Get with Spring WebFlux and Thymeleaf

            Anylogic : not able to use stopDelay()