https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105344#M29803 <P>Hello,</P><P>sorry for my bad english. I'm actually creating a fresh infra to test alfresco using a pfsense in front. Using port-forwarding solution is not a good practice. The best way is to use a reverse proxy on top of alfresco (haproxy). pfsense can provide haproxy and use let's encrypt with acme, or you can forward all request to a reverse proxy component (apache, nginx, haproxy, etc) in front of alfresco <img id="smileywink" class="emoticon emoticon-smileywink" src="https://connect.hyland.com/i/smilies/16x16_smiley-wink.png" alt="Smiley Wink" title="Smiley Wink" /></P> Sat, 28 Mar 2020 23:45:36 GMT zerros 2020-03-28T23:45:36Z https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105341#M29800 <P>Hi,</P><P>Not sure if this is alfresco related but maybe someone could give me some insight.</P><P>I have an alfresco instance (<A href="https://alfresco.a1.ind.br" target="_blank" rel="noopener nofollow noreferrer">https://alfresco.a1.ind.br</A>) running from a port-forward rule on my pfsense firewall. I have the same configuration for our site (<A href="https://a1.ind.br" target="_blank" rel="noopener nofollow noreferrer">https://a1.ind.br</A>) and it works fine.</P><P>Some users are complaining about invalid certificate and thus no closed padlock icon. When I check from Chrome it says this site is not secure, but the certificate is a valid LetsEncrypt . Checking on&nbsp;<A href="https://www.digicert.com/help/" target="_blank" rel="noopener nofollow noreferrer">https://www.digicert.com/help/</A>&nbsp;all seems fine.</P><P>What could be wrong?</P><P>Thanks for any help!</P> Fri, 27 Mar 2020 20:05:31 GMT https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105341#M29800 mmerlone 2020-03-27T20:05:31Z https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105342#M29801 <P>Never mind.</P><P>Just found a link to <A href="http://www.becpf.fr/becpg-plm-community-2.2.1.png" target="_blank" rel="nofollow noopener noreferrer">http://www.becpf.fr/becpg-plm-community-2.2.1.png</A> on&nbsp;./tomcat/webapps/share/WEB-INF/classes/alfresco/becpg-plm-share-config.xml. Changed to https and is all set.</P><P>Sorry for the noise, best regards.</P> Fri, 27 Mar 2020 20:22:54 GMT https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105342#M29801 mmerlone 2020-03-27T20:22:54Z https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105343#M29802 <P>Hi&nbsp;<A href="https://migration33.stage.lithium.com/t5/user/viewprofilepage/user-id/241">@mmerlone</A>,</P> <P>Great you found a solution and thanks for updating your thread - really useful to other users.&nbsp;</P> Sat, 28 Mar 2020 15:07:33 GMT https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105343#M29802 EddieMay 2020-03-28T15:07:33Z https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105344#M29803 <P>Hello,</P><P>sorry for my bad english. I'm actually creating a fresh infra to test alfresco using a pfsense in front. Using port-forwarding solution is not a good practice. The best way is to use a reverse proxy on top of alfresco (haproxy). pfsense can provide haproxy and use let's encrypt with acme, or you can forward all request to a reverse proxy component (apache, nginx, haproxy, etc) in front of alfresco <img id="smileywink" class="emoticon emoticon-smileywink" src="https://connect.hyland.com/i/smilies/16x16_smiley-wink.png" alt="Smiley Wink" title="Smiley Wink" /></P> Sat, 28 Mar 2020 23:45:36 GMT https://connect.hyland.com/t5/alfresco-forum/alfresco-behind-pfsense-nat-not-secure-even-with-valid/m-p/105344#M29803 zerros 2020-03-28T23:45:36Z