Custom SSL Cert (wildcard especially) configuration?

brandall
Champ in-the-making
Right-o, does anybody have any pointers on getting a custom SSL certificate to work holistically throughout an Alfresco installation? So far, I can:

1.) Get either a self-signed cert or a valid wildcard cert to install on Tomcat… yay. BUT: once I do this, it breaks both Jetty (for Sharepoint integration) and SOLR (for search, dashlet rendering, etc). I have minimized that effect by moving to Lucene in this test case, but Sharepoint refuses to work, specifically with the dreaded "Server could not be contacted" message; browsing to https://alfresco.xxx.com:7070 goes nowhere… so it seems Jetty just hangs up. To do this, I've used:

1.) A custom keystore (not the Alfresco defaults);
2.) Added a connector on 8443 in /tomcat/conf/server.xml, pointing to the custom keystore;
3.) Modified the endpoints in /tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml to point to https:// and :8443;
4.) Modified Jetty in /tomcat/webapps/alfresco/WEB-INF/classes/alfresco/module/org.alfresco.module.vti/context/vti-context.xml to use the new keystore location, the new keypassword and password (using the default "changeit" to avoid typos), and a keystore type of JKS as specified in ./keytool commands;
5.) And added the following to alfresco-global.properties to tie it all together:

#####################
### CUSTOM CONTEXT###
#####################

web.application.context.url=https://127.0.0.1:8443/alfresco

alfresco.context=alfresco
alfresco.host=${localname}
alfresco.port=8443
alfresco.protocol=https

share.context=share
share.host=${localname}
share.port=8443
share.protocol=https

##########################
### CUSTOM SHAREPOINT ###
##########################

vti.server.external.host=alfresco.mydomain.com
vti.server.external.port=7070
vti.server.external.protocol=https

7.) I have tried this both on 4.2.c as well as the 4.2.d nightly, which I'm leaning towards as I understand there are a few Jetty bugs/issues in 4.2.c from the JIRA. Same results on both, however.

SO!

As I mentioned, this gets HTTPS working pretty well. I get my certificate served up and trusted, the application generally functions, but I must be missing something, because SOLR and Jetty just WILL NOT PLAY WELL. I can post up log info, but the broken SOLR is jamming up the logs extensively, so before doing large and possibly unhelpful dumps, does anyone have a sense of what could be broken given the above, or know of a more comprehensive walkthrough a la http://www.optimit.hr/blog/-/blogs/alfresco-https-setup, which I found to be more complete/helpful than the Alfresco and Tomcat documentation in getting this far?

Many thanks, and cheers,

br
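An added example, not part of the original post and not Alfresco code: a static check of whether each HTTPS host named in properties like those above is a name a wildcard certificate can cover. The certificate name `*.mydomain.com` and the function names are assumptions, and the sample is a constructed subset of the quoted properties.

```python
import ipaddress
import re

# Constructed sample: subset of the HTTPS-related properties quoted in the question.
SAMPLE_PROPS = """\
web.application.context.url=https://127.0.0.1:8443/alfresco
alfresco.host=${localname}
alfresco.protocol=https
share.host=${localname}
share.protocol=https
vti.server.external.host=alfresco.mydomain.com
vti.server.external.protocol=https
"""

def parse_props(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def https_hosts(props):
    """Map each property that names an HTTPS host to that host."""
    hosts = {}
    for key, value in props.items():
        m = re.match(r"https://([^/:]+)", value)
        if m:
            hosts[key] = m.group(1)
        elif key.endswith(".host") and props.get(key[:-5] + ".protocol") == "https":
            hosts[key] = value
    return hosts

def cert_covers(host, cert_name):
    """RFC 6125-style match: '*' covers exactly one leftmost label, never an IP."""
    if "${" in host:
        return None  # unresolved placeholder, cannot be judged statically
    try:
        ipaddress.ip_address(host)
        return False  # a DNS name in a certificate never matches an IP literal
    except ValueError:
        h, c = host.lower().split("."), cert_name.lower().split(".")
        return len(h) == len(c) and c[0] in ("*", h[0]) and h[1:] == c[1:]

def audit(text, cert_name):
    """Return {property: True/False/None} for every HTTPS host in the file."""
    return {k: cert_covers(h, cert_name) for k, h in https_hosts(parse_props(text)).items()}
```

A `False` entry marks a host that a client verifying hostnames would reject against that certificate; `None` marks a placeholder whose resolved value has to be checked on the server itself.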
1 REPLY

102020
Champ on-the-rise
Check this out, I've been documenting my whole process, just figured out the SSL today: http://forums.alfresco.com/forum/installation-upgrades-configuration-integration/installation-upgrad...

Your config sounds very similar. I'm just debugging some SSO since I got SSL going, and specifically with the 1 login popup opening Sharepoint over SSL now.