cancel
Showing results for 
Search instead for 
Did you mean: 

Alfresco 5.2 on GCP setting up SSL with Certbot

MikeW2
Champ on-the-rise
Champ on-the-rise

EDIT: The connection to /alfresco and the admin console works with https.
Only /share is not reachable and the page "Something's wrong with this page..." is displayed after login. 

I am a beginner and hope someone here can help me. I installed Alfresco from the Market on GCP and assigned a fixed IP to the instance. I want to set up HTTPS now, so I went the way via Certbot. I have changed these entries in the "alfresco-global. properties".

alfresco.port=443
alfresco.protocol=https
share.port=443
share.protocol=https

A) I have the following configuration:

  1. Domain at Active24 (A record points to server)
  2. Server is Alfresco on a VM instance on GCP
  3. Server is Apache Tomcat on Debian 9
  4. I can manage on the command line, but it's not my daily business.
  5. I installed Certbot and had the certificate installed (sudo certbot --apache)

B) Now, after installing Certbot, here's the situation:

  1. When I open the URL/Domain I get to the Alfresco Login Screen. Browser does not show HTTPS.
  2. After entering my login data, HTTPS appears, but I cannot access the Share environment. Instead I see an Alfresco error page with a button to return to the dashboard.
  3. When I click on the "Back to Dashboard" button, I return to the login screen.

I think I still have to configure Apache to forward to the appropriate destinations. But I can't find any instructions for this.

C) My next questions are:

  1. Did Certbot install an additional server as a proxy, or did it configure the existing one?
  2. In which directory do I find the appropriate server settings?

Thanks a lot!

3 REPLIES 3

heiko_robert
Star Collaborator
Star Collaborator

You should (if not already done in your GCP VM) install/configure apache2 or nginx as a reverse proxy using the certbot ssl sertificate your created before. Take a look into Alfresco's docker examples how to do that:
apache2 config from alfresco-docker-template 

or loftux's alfresco-ubuntu-install scripts containting nxinx default config 

Apache2 is already running and https also works on https://www.mydomain.xy/alfresco and the admin console. only share cannot be reached. After login a page with "Something's wrong with this page..." appears and from there it goes back to the login screen.

This sounds like an CSRF Token Filter issue and should be logged in your alfresco.log / catalina.out

If you set  share.host / port / protocol in alfresco-global.properties as seen from the browser you should be fine / shouldn't need to struggle with CSRFPolicy configs ...