https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142785#M37968 <P>Run <A href="https://github.com/Alfresco/alfresco-docker-installer" target="_self" rel="nofollow noopener noreferrer">installer</A>, create test deployment with solr ssl and compare your configuration with generated by installer.</P> Tue, 14 Mar 2023 13:06:28 GMT fedorow 2023-03-14T13:06:28Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142783#M37966 <P>hi guys i need help regarding error in configuring SSL .. i change my configuration from secret to https i remove secret in my configuration of docker-compose.yml and always keep showing me this error</P><P><SPAN class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="secret error configuration.png" style="width: 999px;"><span class="lia-inline-image-display-wrapper" image-alt="image"><img src="https://connect.hyland.com/t5/image/serverpage/image-id/1651iA4BD2BE0B3FA637E/image-size/large?v=v2&amp;px=999" role="button" title="image" alt="image" /></span></SPAN></P> Tue, 14 Mar 2023 06:46:32 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142783#M37966 crisdev13 2023-03-14T06:46:32Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142784#M37967 <P>here is my docker-compose.yml file&nbsp;</P><PRE># Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose version: "2" services: alfresco: build: context: ./alfresco args: ALFRESCO_TAG: ${ALFRESCO_CE_TAG} DB: postgres SOLR_COMMS: https TRUSTSTORE_TYPE: JCEKS TRUSTSTORE_PASS: truststore KEYSTORE_TYPE: JCEKS KEYSTORE_PASS: keystore mem_limit: 7360m depends_on: - postgres environment: JAVA_TOOL_OPTIONS: " -Dencryption.keystore.type=JCEKS -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding -Dencryption.keyAlgorithm=DESede -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore -Dmetadata-keystore.password=mp6yc0UD9e -Dmetadata-keystore.aliases=metadata -Dmetadata-keystore.metadata.password=oKIWzVdEdA -Dmetadata-keystore.metadata.algorithm=DESede -Dssl-keystore.password=keystore -Dssl-keystore.aliases=ssl-alfresco-ca,ssl-repo -Dssl-keystore.ssl-alfresco-ca.password=keystore -Dssl-keystore.ssl-repo.password=keystore -Dssl-truststore.password=truststore -Dssl-truststore.aliases=alfresco-ca,ssl-repo-client -Dssl-truststore.alfresco-ca.password=truststore -Dssl-truststore.ssl-repo-client.password=truststore " JAVA_OPTS : ' -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.driver=org.postgresql.Driver -Ddb.url=jdbc:postgresql://postgres:5432/alfresco -Dalfresco_user_store.adminpassword=209c6174da490caeb422f3fa5a7ae634 -Dsystem.preferred.password.encoding=bcrypt10 -Dsolr.host=solr6 -Dsolr.port=8983 -Dsolr.port.ssl=8983 -Dsolr.secureComms=https -Dsolr.baseUrl=/solr -Dindex.subsystem.name=solr6 -Ddir.keystore=/usr/local/tomcat/keystore -Dalfresco.encryption.ssl.keystore.type=JCEKS -Dalfresco.encryption.ssl.truststore.type=JCEKS -Dalfresco.host=${SERVER_NAME} -Dalfresco.port=80 -Dapi-explorer.url=https://${SERVER_NAME}:80/api-explorer -Dalfresco.protocol=https -Dshare.host=${SERVER_NAME} -Dshare.port=80 -Dshare.protocol=https -Daos.baseUrlOverwrite=https://${SERVER_NAME}/alfresco/aos -Dmessaging.broker.url="failover:(nio://activemq:61616)?timeout=3000&amp;jms.useCompression=true" -Ddeployment.method=DOCKER_COMPOSE -Dcsrf.filter.enabled=false -Dftp.enabled=true -Dftp.port=2121 -Dftp.dataPortFrom=2433 -Dftp.dataPortTo=2434 -Dopencmis.server.override=true -Dopencmis.server.value=https://${SERVER_NAME}:80 -DlocalTransform.core-aio.url=http://transform-core-aio:8090/ -Dcsrf.filter.enabled=false -Dalfresco.restApi.basicAuthScheme=true -Dauthentication.protection.enabled=false -XX:+UseG1GC -XX:+UseStringDeduplication -Dgoogledocs.enabled=true -Xms6848m -Xmx6848m -Dauthentication.chain=alfinst:alfrescoNtlm,ldap1:ldap -Dldap.authentication.active=true -Dldap.authentication.java.naming.provider.url=ldap://openldap:389 -Dldap.authentication.userNameFormat=uid=%s,dc=keensoft,dc=es -Dldap.synchronization.active=false -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 ' volumes: - ./data/alf-repo-data:/usr/local/tomcat/alf_data - ./logs/alfresco:/usr/local/tomcat/logs - ./keystores/alfresco:/usr/local/tomcat/keystore ports: - 2121:2121 - 2433:2433 - 2434:2434 transform-core-aio: image: alfresco/alfresco-transform-core-aio:${TRANSFORM_ENGINE_TAG} mem_limit: 2048m environment: JAVA_OPTS: " -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -Dserver.tomcat.threads.max=12 -Dserver.tomcat.threads.min=4 -Dlogging.level.org.alfresco.transform.router.TransformerDebug=ERROR " share: build: context: ./share args: SHARE_TAG: ${SHARE_TAG} SERVER_NAME: ${SERVER_NAME} mem_limit: 1840m environment: REPO_HOST: "alfresco" REPO_PORT: "8080" CSRF_FILTER_REFERER: "https://localhost:80/.*" CSRF_FILTER_ORIGIN: "https://localhost:80" JAVA_OPTS: " -Xms1712m -Xmx1712m -Dalfresco.context=alfresco -Dalfresco.protocol=https -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 " volumes: - ./logs/share:/usr/local/tomcat/logs postgres: image: postgres:${POSTGRES_TAG} mem_limit: 1840m environment: - POSTGRES_PASSWORD=alfresco - POSTGRES_USER=alfresco - POSTGRES_DB=alfresco command: " postgres -c max_connections=200 -c logging_collector=on -c log_min_messages=LOG -c log_directory=/var/log/postgresql" ports: - 5432:5432 volumes: - ./data/postgres-data:/var/lib/postgresql/data - ./logs/postgres:/var/log/postgresql solr6: build: context: ./search args: SEARCH_TAG: ${SEARCH_CE_TAG} SOLR_HOSTNAME: solr6 ALFRESCO_HOSTNAME: alfresco ALFRESCO_COMMS: https TRUSTSTORE_TYPE: JCEKS KEYSTORE_TYPE: JCEKS CROSS_LOCALE: "true" mem_limit: 3680m environment: #Solr needs to know how to register itself with Alfresco SOLR_ALFRESCO_HOST: "alfresco" SOLR_ALFRESCO_PORT: "8443" #Alfresco needs to know how to call solr SOLR_SOLR_HOST: "solr6" SOLR_SOLR_PORT: "8983" #Create the default alfresco and archive cores SOLR_CREATE_ALFRESCO_DEFAULTS: "alfresco,archive" SOLR_JAVA_MEM: "-Xms3424m -Xmx3424m" SOLR_SSL_TRUST_STORE: "/opt/alfresco-search-services/keystore/ssl-repo-client.truststore" SOLR_SSL_TRUST_STORE_PASSWORD: "truststore" SOLR_SSL_TRUST_STORE_TYPE: "JCEKS" SOLR_SSL_KEY_STORE: "/opt/alfresco-search-services/keystore/ssl-repo-client.keystore" SOLR_SSL_KEY_STORE_PASSWORD: "keystore" SOLR_SSL_KEY_STORE_TYPE: "JCEKS" SOLR_SSL_NEED_CLIENT_AUTH: "true" JAVA_TOOL_OPTIONS: " -Dsolr.jetty.truststore.password=truststore -Dsolr.jetty.keystore.password=keystore -Dssl-keystore.password=keystore -Dssl-keystore.aliases=ssl-alfresco-ca,ssl-repo-client -Dssl-keystore.ssl-alfresco-ca.password=keystore -Dssl-keystore.ssl-repo-client.password=keystore -Dssl-truststore.password=truststore -Dssl-truststore.aliases=ssl-alfresco-ca,ssl-repo,ssl-repo-client -Dssl-truststore.ssl-alfresco-ca.password=truststore -Dssl-truststore.ssl-repo.password=truststore -Dssl-truststore.ssl-repo-client.password=truststore " SOLR_OPTS: " -XX:NewSize=1584m -XX:MaxNewSize=1584m -Dsolr.ssl.checkPeerName=false -Dsolr.allow.unsafe.resourceloading=true " volumes: - ./data/solr-data:/opt/alfresco-search-services/data - ./keystores/solr:/opt/alfresco-search-services/keystore ports: - 8983:8983 activemq: image: alfresco/alfresco-activemq:${ACTIVEMQ_TAG} mem_limit: 1g ports: - 8161:8161 volumes: - ./data/activemq-data:/opt/activemq/data content-app: image: alfresco/alfresco-content-app:${ACA_TAG} mem_limit: 256m depends_on: - alfresco - share # HTTP proxy to provide HTTP Default port access to services # SOLR API and SOLR Web Console are protected to avoid unauthenticated access proxy: image: nginx:stable-alpine mem_limit: 128m depends_on: - alfresco - solr6 - share - content-app volumes: - ./config/nginx.conf:/etc/nginx/nginx.conf - ./config/nginx.htpasswd:/etc/nginx/conf.d/nginx.htpasswd - ./config/cert/localhost.cer:/etc/nginx/localhost.cer - ./config/cert/localhost.key:/etc/nginx/localhost.key ports: - 80:80 openldap: image: osixia/openldap:1.4.0 mem_limit: 128m container_name: openldap environment: LDAP_DOMAIN: "alfresco.org" LDAP_BASE_DN: "dc=alfresco,dc=org" LDAP_ADMIN_PASSWORD: "admin" volumes: - ./data/slapd/database:/var/lib/ldap - ./data/slapd/config:/etc/ldap/slapd.d phpldapadmin: image: osixia/phpldapadmin mem_limit: 128m container_name: phpldapadmin environment: PHPLDAPADMIN_LDAP_HOSTS: "openldap" PHPLDAPADMIN_HTTPS=false: links: - openldap depends_on: - openldap ports: - 8088:80 </PRE> Tue, 14 Mar 2023 06:47:11 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142784#M37967 crisdev13 2023-03-14T06:47:11Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142785#M37968 <P>Run <A href="https://github.com/Alfresco/alfresco-docker-installer" target="_self" rel="nofollow noopener noreferrer">installer</A>, create test deployment with solr ssl and compare your configuration with generated by installer.</P> Tue, 14 Mar 2023 13:06:28 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142785#M37968 fedorow 2023-03-14T13:06:28Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142786#M37969 <P>sir i compare i do what you said the only difference is java memory&nbsp;</P> Wed, 15 Mar 2023 07:01:56 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142786#M37969 crisdev13 2023-03-15T07:01:56Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142787#M37970 <P>This yaml file works for me perfect. Bring it in right yaml format and change port from 80 to 443 as you use https for share and alfresco.</P><P>Did you rebuild container with forse recreate or no cache options?</P> Mon, 20 Mar 2023 19:13:42 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142787#M37970 fedorow 2023-03-20T19:13:42Z https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142788#M37971 <P>yes sir i re-build the container using --force --recreate. i dont use cache options sir</P> Wed, 22 Mar 2023 04:58:11 GMT https://connect.hyland.com/t5/alfresco-forum/error-secret-in-configuring-ssl-in-alfresco-community-7-2/m-p/142788#M37971 crisdev13 2023-03-22T04:58:11Z