Alfresco community to listen to https

Question

I am using alfresco community 5.0.d and its installed on AWS. I am able to use it via http but I am not able to use it via https.

I have added security listener to https in AWS and also modified alfresco-global.properties as below.

alfresco.context=alfresco
alfresco.host=127.0.0.1
alfresco.port=443
alfresco.protocol=https

share.context=share
share.host=127.0.0.1
share.port=443
share.protocol=https

Still no solution.

Could you let me know the steps or blog for the process.

Thanks.

Answer 1

Personally, I have not set this up on AWS myself, so I don't know how that will effect things and what AWS services you can use to help with some of this, but look at the docs around setting up Alfresco with SSL for test or prod depending on what you want. You need to update your tomcat config or put something in front of it.

http://docs.alfresco.com/5.0/tasks/configure-ssl-test.html http://docs.alfresco.com/5.0/tasks/configure-ssl-prod.html

Also, if you're going to hit this from the internet (which I assume you are), you should change things from localhost to an IP or hostname. If you're doing SSL that really works, you'll want to use a real certificate and not just a self cert. In that case, you're going to need to make sure your hostname is registered and that the certificate is created against it.

Answer 2

As I said in my comment, this is not what has been asked, but as requested I am explaining my configuration.

I am warning everyone that I am not a network administrator, and even if I am using Alfresco on production use (with back up etc...) the website I am running is not under heavy load, or mission critical, and no-body is interested in hacking my website. So the scenario and configuration below may be unsuitable for you.

Scenario:

• Host: one EC2 instance (Linux)
• http blocked by EC2 rule, https only allowed
• Apache listening to https
• Alfresco 4.2 default installation, listening http

And the configuration for my domain:

<VirtualHost *:443>
   ServerName mydomain.com
   ServerAlias www.mydomain.com
   DocumentRoot /alldomain/mydomain/https

   ErrorLog path.to.log

   SSLEngine on
   SSLCertificateFile /path.to.crts/mydomain.crt
   SSLCertificateKeyFile /path.to.keys/mydomain.key
   SSLCertificateChainFile /path.to.pems/sub.class1.server.sha2.ca.pem

   ProxyPass /share ajp://127.0.0.1:8009/share
   ProxyPassReverse /share ajp://127.0.0.1:8009/share

   ProxyPass /alfresco ajp://127.0.0.1:8009/alfresco
   ProxyPassReverse /alfresco ajp://127.0.0.1:8009/alfresco

</VirtualHost>

As I also said I have many advantages:

• Easier to renew and change certificates
• I can redirect users when doing Alfresco maintenance
• I can tune http cache to reduce load on Alfresco