topic Custom SSL Cert (wildcard especially) configuration? in Alfresco Archive https://connect.hyland.com/t5/alfresco-archive/custom-ssl-cert-wildcard-especially-configuration/m-p/295609#M248739 <HTML><HEAD></HEAD><BODY><SPAN>Right-o, does anybody have any pointers on getting a custom SSL certificate to work holistically throughout an Alfresco installation? So far, I can:</SPAN><BR /><BR /><SPAN>1.) Get either a self-signed cert or a valid wildcard cert to install on Tomcat… yay. BUT: once I do this, it breaks both Jetty (for Sharepoint integration) and SOLR (for search, dashlet rendering, etc). I have minimized that effect by moving to Lucene in this test case, but Sharepoint refuses to work, specifically with the dreaded "Server could not be contacted" message; browsing to </SPAN><A href="https://alfresco.xxx.com:7070" rel="nofollow noopener noreferrer">https://alfresco.xxx.com:7070</A><SPAN> goes nowhere… so it seems Jetty just hangs up. To do this, I've used:</SPAN><BR /><BR /><SPAN>1.) A custom keystore (not the Alfresco defaults);</SPAN><BR /><SPAN>2.) Added a connector on 8443 in /tomcat/conf/server.xml, pointing to the custom keystore;</SPAN><BR /><SPAN><SPAN>3.) Modified the endpoints in /tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml to point to </SPAN><A class="jive-link-external-small" href="https://" rel="nofollow noopener noreferrer">https://</A><SPAN> and :8443;</SPAN></SPAN><BR /><SPAN>4.) Modified Jetty in /tomcat/webapps/alfresco/WEB-INF/classes/alfresco/module/</SPAN><A href="http://org.alfresco.module.vti/context/vti-context.xml" rel="nofollow noopener noreferrer">org.alfresco.module.vti/context/vti-context.xml</A><SPAN> to use the new keystore location, the new keypassword and password (using the default "changeit" to avoid typos), and a keystore type of JKS as specified in ./keytool commands;</SPAN><BR /><SPAN>5.) And added the following to alfresco-global.properties to tie it all together:</SPAN><BR /><BR /><SPAN>#####################</SPAN><BR /><SPAN>### CUSTOM CONTEXT###</SPAN><BR /><SPAN>#####################</SPAN><BR /><BR /><SPAN>web.application.context.url=</SPAN><A href="https://127.0.0.1:8443/alfresco" rel="nofollow noopener noreferrer">https://127.0.0.1:8443/alfresco</A><BR /><BR /><SPAN>alfresco.context=alfresco</SPAN><BR /><SPAN>alfresco.host=${localname}</SPAN><BR /><SPAN>alfresco.port=8443</SPAN><BR /><SPAN>alfresco.protocol=https</SPAN><BR /><BR /><SPAN>share.context=share</SPAN><BR /><SPAN>share.host=${localname}</SPAN><BR /><SPAN>share.port=8443</SPAN><BR /><SPAN>share.protocol=https</SPAN><BR /><BR /><SPAN>########################## </SPAN><BR /><SPAN>### CUSTOM SHAREPOINT ###</SPAN><BR /><SPAN>##########################</SPAN><BR /><BR /><SPAN>vti.server.external.host=alfresco.mydomain.com</SPAN><BR /><SPAN>vti.server.external.port=7070</SPAN><BR /><SPAN>vti.server.external.protocol=https</SPAN><BR /><BR /><SPAN>7.) I have tried this both on 4.2.c as well as the 4.2.d nightly, which I'm leaning towards as I understand there are a few Jetty bugs/issues in 4.2.c from the JIRA. Same results on both, however.</SPAN><BR /><BR /><SPAN>SO!</SPAN><BR /><BR /><SPAN>As I mentioned, this gets HTTPS working pretty well. I get my certificate served up and trusted, the application generally functions, but I must be missing something, because SOLR and Jetty just WILL NOT PLAY WELL. I can post up log info, but the broken SOLR is jamming up the logs extensively, so before doing large and possibly unhelpful dumps, does anyone have a sense of what could be broken given the above, or know of a more comprehensive walkthrough a la </SPAN><A href="http://www.optimit.hr/blog/-/blogs/alfresco-https-setup" rel="nofollow noopener noreferrer">http://www.optimit.hr/blog/-/blogs/alfresco-https-setup</A><SPAN>, which I found to be more complete/helpful than the Alfresco and Tomcat documentation in getting this far?</SPAN><BR /><BR /><SPAN>Many thanks, and cheers,</SPAN><BR /><BR /><SPAN>br</SPAN><BR /></BODY></HTML> Tue, 02 Apr 2013 13:04:04 GMT brandall 2013-04-02T13:04:04Z Custom SSL Cert (wildcard especially) configuration? https://connect.hyland.com/t5/alfresco-archive/custom-ssl-cert-wildcard-especially-configuration/m-p/295609#M248739 Right-o, does anybody have any pointers on getting a custom SSL certificate to work holistically throughout an Alfresco installation? So far, I can:1.) Get either a self-signed cert or a valid wildcard cert to install on Tomcat… yay. BUT: once I do this, it breaks both Jetty (for Sharepoint integrat Tue, 02 Apr 2013 13:04:04 GMT https://connect.hyland.com/t5/alfresco-archive/custom-ssl-cert-wildcard-especially-configuration/m-p/295609#M248739 brandall 2013-04-02T13:04:04Z Re: Custom SSL Cert (wildcard especially) configuration? https://connect.hyland.com/t5/alfresco-archive/custom-ssl-cert-wildcard-especially-configuration/m-p/295610#M248740 <HTML><HEAD></HEAD><BODY><SPAN>check this out, I've been documenting my whole process, just figured out the SSL today: </SPAN><A href="http://forums.alfresco.com/forum/installation-upgrades-configuration-integration/installation-upgrades/howto-installconfig-3x" rel="nofollow noopener noreferrer">http://forums.alfresco.com/forum/installation-upgrades-configuration-integration/installation-upgrades/howto-installconfig-3x</A><BR /><BR /><SPAN>Your config sounds very similar. I'm just debugging some SSO since I got SSL going, and specifically with the 1 login popup opening Sharepoint over SSL now.</SPAN></BODY></HTML> Mon, 08 Apr 2013 20:32:17 GMT https://connect.hyland.com/t5/alfresco-archive/custom-ssl-cert-wildcard-especially-configuration/m-p/295610#M248740 102020 2013-04-08T20:32:17Z