It's hard to make sense of the Tomcat documentation, and looking at server.xml you will find a salad of ports that may be hard to understand because it's not really explained properly, or extensively, in the documentation.
For example, this line in the config file server.xml:
<Connector port="8345" protocol="AJP/1.3" redirectPort="9875" />
And here you can find yet another redirect port:
<Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
I understand what the connector port does. In the first case you use that to create a worker in Apache and send it there; in the second you open a port to access Tomcat directly. However, when it comes to the redirectPort, things become fuzzy.
Here is the explanation given by the Tomcat documentation for the AJP port:
If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here.
I always pick a random redirect port over 1024 and it works, but when would this come into practice? How does it know when a request requires SSL transport?
I have a satellite server running a Tomcat module. This module comes into effect by redirecting traffic to the AJP connector with Apache from the main server and vice versa.
On the main server HTTPS is enforced in Apache. Does this mean all requests are sent to the satellite server encrypted or in plain text? I know that if I access the satellite server via port 8080 it's not encrypted, but I am wondering if this applies to the traffic being redirected to the main server as well, and where this redirect port comes into effect.
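An added example, not part of the original post: a small Python check over server.xml that reports, for each non-TLS connector, whether its redirectPort names a port on which the same Tomcat instance has a TLS connector. The 8443 connector in the sample is constructed (it is not in the post) so that one target resolves; the function name `audit_redirect_ports` is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two connectors from the post, plus an assumed
# TLS connector on 8443 (not in the post) so one redirect target resolves.
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Connector port="8345" protocol="AJP/1.3" redirectPort="9875" />
    <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true" />
  </Service>
</Server>
"""


def is_tls(connector):
    """True when the connector itself terminates TLS."""
    return connector.get("SSLEnabled", "false").lower() == "true"


def audit_redirect_ports(server_xml):
    """Return one finding per non-TLS connector that declares a redirectPort."""
    connectors = list(ET.fromstring(server_xml).iter("Connector"))
    tls_ports = {c.get("port") for c in connectors if is_tls(c)}
    findings = []
    for c in connectors:
        target = c.get("redirectPort")
        # redirectPort only matters on connectors serving non-SSL requests.
        if is_tls(c) or target is None:
            continue
        findings.append({
            "port": c.get("port"),
            "protocol": c.get("protocol", "HTTP/1.1"),
            "redirectPort": target,
            "local_tls_listener": target in tls_ports,
        })
    return findings


if __name__ == "__main__":
    for f in audit_redirect_ports(SAMPLE_SERVER_XML):
        status = "ok" if f["local_tls_listener"] else "no TLS connector in this server.xml"
        print(f"{f['protocol']} {f['port']} -> redirectPort {f['redirectPort']}: {status}")
```

A redirectPort with no local TLS connector behind it goes unnoticed until a request matches a constraint that requires SSL transport; at that point the redirect only succeeds if something else, such as a fronting Apache, serves HTTPS on that port.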