Howto Secure Alfresco with https: access?

dholgado
Champ in-the-making
Can someone please explain how to configure Alfresco 2.1.0 so that it is accessible via web only through https://

The system is running the Alfresco 2.1.0 Tomcat bundle on Linux with a MySQL database

The Linux distribution I have used is Debian Etch 4.0

I would also like to know how I can configure Alfresco so that the user spaces are only accessible by the user alone.

Thank you
33 REPLIES

middleman
Champ in-the-making
I am having difficulty implementing this on a Windows 2008 server with Alfresco 3.4

Followed other people's recommendations.  Is there anyone that has done this on a Windows environment?

One error I did notice was access denied when I tried to specify the location of the keystore or crt file.

middleman
Champ in-the-making
I made the following changes

D:\Alfresco\tomcat\conf\server.xml

<Connector port="8181" URIEncoding="UTF-8" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

<Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
   
   <Connector protocol="org.apache.coyote.http11.Http11Protocol"
   port="8443" />

   <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
   port="8443" />

   <Connector
      port="8443" maxThreads="200"
      scheme="https" secure="true" SSLEnabled="true"
      keystoreFile="C:\user\rokoloto\.keystore" "keystorePass="secret"
      clientAuth="false" sslProtocol="TLS"/>

Also ran the following:    

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
name: my name
server host name
domain name
city
prov
country

yes/enter

Rebooted the server, now the regular page won't open "http://174.142.xxx.xxx:8181/share" or if I use 8443 😕

anidem
Champ in-the-making
Credit to CoenE

I did what you told me to change and it works!
Alfresco in Secured connection is working now. But I get this Certificate Errors, should I worry about it?

Thanks again for your help.
Awesome!!!

sholmes
Champ in-the-making
I'm having many issues getting Alfresco Share to work with SSL/HTTPS.  We would like to use Alfresco Share externally, as most of our users are not able to access our VPN at client sites. Being that I would like some level of security around Alfresco, I would like to secure it with SSL. I have generated the CSR and received the SSL cert back from DigiCert, but I am having a heck of a time getting Alfresco working with it.

I have read through this thread, and many others, and I'm still unable to get it to work. The farthest I got was editing the server.xml file, as documented in this thread, but after a restart, I am unable to access Alfresco on either HTTP or HTTPS; the application doesn't seem to be available at all. Does anyone know of an "idiot's" guide to implementing SSL for Alfresco Share?

Any help would be much appreciated.

Thanks,
Shawn

ruffieuxlu
Champ in-the-making
Here is an example of a working config :

Sorry for the presentation but the <code> tags are pretty unreadable.

Generate a keystore file :
keytool -genkey -alias tomcat -keyalg RSA -keystore thefile.keystore

(to add your own certificate see http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Prepare_the_Certificate_Keystore)


In the file server.xml :
———————————————————————————————————————–
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" />

[…]

<Connector port="8080" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11Protocol"
connectionTimeout="20000"
redirectPort="8443" />

<Connector port="8443" protocol="HTTP/1.1" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="TheKeystoreFile" keystorePass="ThePasswd"
clientAuth="false" sslProtocol="TLS" />
———————————————————————————————————————–

Then restart Alfresco and go to https://address:8443/share

I hope it will work for you too.

graychan
Champ in-the-making
Hi, ruffieuxlu

Thanks for your help. I have set up my Alfresco as you described.
SSL is OK, but users can also access it via port 8080.
How do I force users to access it only by the secure method?
Thanks a lot.

ruffieuxlu
Champ in-the-making
Hi,
Unfortunately I can't help you with this.
I didn't look for a solution for that because my firewall blocks the 8080 port, so the users are forced to use the 443 port.
Some files contain the web path like alfresco-global.properties
web.application.context.url=http://127.0.0.1:8080/alfresco
Try to find them and modify them.
Sorry.
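
Added example, not part of any post in this thread: a small Python check for the server.xml problems discussed above (a malformed attribute, several connectors on one port, a TLS connector without keystoreFile, and a plaintext port open on every interface). The sample inputs are constructed from the connectors posted here, and the function name and finding wording are this example's own assumptions.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed samples: connectors as posted in this thread, wrapped in <Service>.
BROKEN = r'''<Service>
  <Connector port="8443" scheme="https" secure="true" SSLEnabled="true"
     keystoreFile="C:\user\rokoloto\.keystore" "keystorePass="secret" />
</Service>'''
DUPLICATE = '''<Service>
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
  <Connector protocol="org.apache.coyote.http11.Http11Protocol" port="8443" />
  <Connector port="8443" scheme="https" secure="true" SSLEnabled="true" />
</Service>'''
WORKING = '''<Service>
  <Connector port="8080" protocol="org.apache.coyote.http11.Http11Protocol"
     redirectPort="8443" />
  <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
     SSLEnabled="true" keystoreFile="TheKeystoreFile" keystorePass="ThePasswd" />
</Service>'''


def audit_server_xml(text):
    """Return a list of findings for the <Connector> elements in server.xml text."""
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        # Tomcat cannot load a malformed server.xml, so no connector starts.
        return [f"malformed XML: {exc}"]
    findings = []
    connectors = root.findall(".//Connector")
    for port, count in Counter(c.get("port") for c in connectors).items():
        if count > 1:
            findings.append(f"port {port}: declared by {count} connectors")
    for c in connectors:
        port = c.get("port")
        tls = c.get("SSLEnabled", "false").lower() == "true"
        if tls and not c.get("keystoreFile"):
            # Without keystoreFile, Tomcat looks for .keystore in the home
            # directory of the account that runs it.
            findings.append(f"port {port}: TLS connector has no keystoreFile")
        if not tls and not c.get("address"):
            # No address attribute means the port listens on every interface.
            findings.append(f"port {port}: plaintext, reachable on all interfaces")
    return findings


if __name__ == "__main__":
    for name, text in (("BROKEN", BROKEN), ("DUPLICATE", DUPLICATE), ("WORKING", WORKING)):
        print(name, audit_server_xml(text))
```

A plaintext connector flagged this way can be limited with the connector's address attribute or closed off at the firewall, as in the reply above.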

srinivasmurty
Champ in-the-making
I have Alfresco Community 3.3 running on an Amazon EC2 instance. I have pretty much set up everything for SSL access (created the keys, downloaded the SSL cert from GoDaddy, made changes to the Tomcat "server.xml"). When I try to log in to Share at port 8443, I get an authentication error. However, I am able to log in to Alfresco Explorer by accessing it at port 8443. I am trying to figure out what I am doing wrong. Would anyone know what's going on?

Hello srinivasmurty:  I'm having the same problem right now.  Were you able to resolve this login issue with Alfresco Share over port 8443?

rudischmitz
Champ in-the-making
Alfresco Share requires port 8080 of the Repository to function, from what I understand.

http://forums1.man.alfresco.com/en/viewtopic.php?f=47&t=27826#p90735