SSL Errors accessing administrator. Server.xml Connector issues?

Lucee 5.2.4.37
Tomcat 8.5.28
Server 2012 R2/IIS 8

I just started having issues accessing my web & server admins.

This used to work fine but browsers are now returning
SSL_ERROR_RX_RECORD_TOO_LONG.

My site works -fine- anywhere but from the server itself.

A call to my admin context
https://www.mysite.com:8888/lucee/admin/web.cfm

fails with the error SSL_ERROR, which I understand is likely due to plaintext being sent rather than the expected encrypted data.

A call to the generic context (no https)

http://192.168.1.2:8888/lucee/admin/web.cfm
works fine…but obviously can’t do anything useful with that.

I have HSTS enabled so https is enforced even for the admin side, and request filtering (deny) for /lucee/admin/ enabled for the public side.

Multiple things have changed recently:

I recently made a couple of changes to my cipher suites on my server (dropped off a couple of insecure non-AEAD ciphers which are being penalized March 2018)
Installed Tomcat 8.5.28
Browsers (Chrome & FF) both updated to latest builds

I’m not sure if any of those have caused the issue…

My guess is that this is due to an incorrect setup (connector port? host?) in server.xml

My only connector port setup

My only host setup

www.mysite.com

Again, public side of things works fine & admin access worked fine until just recently…so I’m not sure if I broke it (likely?), or if some update did.

Thoughts?
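
The plaintext-versus-TLS cause suspected in the post above can be checked from the first bytes the port returns. This is an added example, not part of the original post and not Lucee or Tomcat code; the function names and the sample bytes used to exercise it are constructed for illustration.

```python
import socket
import struct

# Largest record body a TLS 1.2 client accepts: 2^14 + 2048 bytes.
MAX_TLS_RECORD = 2**14 + 2048
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}


def classify_first_bytes(data: bytes) -> dict:
    """Read the first 5 bytes of a server reply as a TLS record header."""
    if len(data) < 5:
        return {"verdict": "short", "detail": f"only {len(data)} bytes received"}
    ctype, major, _minor, length = struct.unpack("!BBBH", data[:5])
    if data.startswith(b"HTTP/"):
        # ASCII "HTTP/" parsed as a header: type 0x48, length 0x502F = 20527,
        # above the TLS maximum, so a TLS client sees an over-long record.
        return {"verdict": "plaintext-http", "claimed_length": length,
                "too_long": length > MAX_TLS_RECORD,
                "detail": data.split(b"\r\n", 1)[0].decode("ascii", "replace")}
    if ctype in TLS_CONTENT_TYPES and major == 3 and length <= MAX_TLS_RECORD:
        return {"verdict": "tls", "claimed_length": length, "too_long": False,
                "detail": TLS_CONTENT_TYPES[ctype]}
    return {"verdict": "unknown", "claimed_length": length,
            "too_long": length > MAX_TLS_RECORD, "detail": data[:5].hex()}


def probe(host: str, port: int, timeout: float = 3.0) -> dict:
    """Send a plaintext HTTP request to host:port and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
        try:
            return classify_first_bytes(s.recv(64))
        except OSError as exc:  # timeout or reset: nothing to classify
            return {"verdict": "no-reply", "detail": type(exc).__name__}


if __name__ == "__main__":
    # Address and port taken from the post; run this on the server itself.
    print(probe("192.168.1.2", 8888))
```

A `plaintext-http` verdict on the port used in an `https://` URL means the connector behind it has no TLS configured, so the fix is on the connector or on the URL scheme, not in the cipher list.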

Ideally we need something like being able to select any web contexts to administer via the server admin,
without having to directly access the web context via hostname and DNS; that way you could
access the web admin for your site via http://192.168.1.2:8888/lucee/admin/web.cfm

https://luceeserver.atlassian.net/browse/LDEV-1555
https://luceeserver.atlassian.net/browse/LDEV-924

Update on this. It’s still a (big) problem but I was able to access web admin over http using IE11.

I’d never accessed web.cfm with IE before and I did put in an exception in my URL rewrite to skip example.com:8888 just as a guess so maybe that helped…

Not sure why as the main site is sending Strict-Transport-Security headers but maybe IE is less strict about following that…

The site is also HSTS Preloaded so that should force https…but maybe IE hasn’t updated their site list…

For now…I have a working admin.