That’s interesting. We have a similar settings with a reverse proxy which perform the https termination. But all I configured the xwiki.cfg with xwiki.home=https://my.domain:443/
and xwiki.url.protocol=https
so that xwiki is returning the correct (external) urls. No need to configure tomcat at all. I found this common with other application as well, or is this a wrong approach in this case?
See the documentation of the properties:
#-# The domain name to use when creating URLs to the default wiki. If set, the generated URLs will point to this server
#-# instead of the requested one. It should contain schema, domain and (optional) port, and the trailing /. For example:
#-# xwiki.home=http://www.xwiki.org/
#-# xwiki.home=http://wiki.mycompany.net:8080/
#-# The default protocol to use when generating an external URL. Can be overwritten in the wiki descriptor (“secure” property).
#-# If not set, the following is used:
#-# * during client request for the current wiki: the protocol from the URL used by the client
#-# * for a different wiki or during background tasks (mails, etc.): information come from the wiki descriptor (also fallback on main wiki)
#-# For example:
#-# xwiki.url.protocol=https