topic Re: How to enable an additional certificate ? in Alfresco Archive

How to enable an additional certificate ?

ymoisan — Wed, 30 Oct 2013 20:39:48 GMT

Hi,We are running a vulnerability testing appliance and we have the following vulnerabilities associated with port 8443/tcp over SSL (Alfresco Tomcat) SL Certificate - Self-Signed CertificateSSL Certificate - Subject Common Name Does Not Match Server FQDNSSL Certificate - Signature Verification Fa

Re: How to enable an additional certificate ?

ymoisan — Thu, 31 Oct 2013 14:50:44 GMT

Ok now I understand the issue is between solr and Alfresco. I don't see instructions on how to create certificates other than self-signed (and with a longer keysize than the default of 1024 used with keytool -genkeypair) and I didn't find a way to have my non self-signed cert to show up in a ssl request, so I'll ask a different question. Since only ports 80 and 443 are open and everything else from the outsie is stopped by a firewall, can I safely dismiss the vulnerabilities found by saying it's internal communications within the Alfresco software stack that is not open to the web ? Our vulnerability testing appliance is in our internal network and that's why it finds port 8443. Am I missing something ?

TIA

Re: How to enable an additional certificate ?

ymoisan — Mon, 04 Nov 2013 16:44:19 GMT

Added address="127.0.0.1" in the <Connector port="8443" …> object and the vulnerability applicance can't hit the port anymore.