The following articles will walk through how to configure Cascade CMS to run over SSL:

 Linux/*nix SSL configuration

 Windows SSL configuration

Once the SSL connector has been enabled per those instructions, users can still access the application through the default port 8080. There are 2 options for preventing this from occurring:

  1. Comment out the HTTP/1.1 Connector in tomcat/conf/server.xml  (thus leaving only the SSL/TLS Connector).

  2. Force Tomcat over SSL. To do this, edit the file tomcat/conf/web.xml Add a <security-constraint>  element just before the closing </web-app>  element. For example:

<!-- Force SSL for entire site -->
         <web-resource-name>Cascade CMS</web-resource-name>    

More information on configuring SSL can be found at the Apache Tomcat web site.

Did this answer your question?