AnsweredAssumed Answered

SSL with reverse proxy and the Alfresco logo.

Question asked by ftclausen on Nov 14, 2008
Latest reply on Nov 20, 2008 by stateless
Hello,

Intro -

Yes, I appreciate those may seem somewhat unrelated but bear with me. I am using Alfresco community version 2.1 and it is listening on localhost with SSL being handled by Apache using mod_proxy and mod_proxy_ajp to redirect requests for Alfresco to the Alfresco instance on localhost. My motivation for doing it this was that we have other URLs currently being serviced by Apache and we would prefer people to just use different locations on port 80 (saves firewall hassle).

* https://www.example.com/alfresco -> this is redirected by mod_proxy_ajp using the AJP protocol to ajp://127.0.0.1:8009/alfresco
* https://www.example.com/alfresco/webdav -> this is redirected by mod_proxy using HTTP to http://127.0.0.1:8080/alresco/webdav
* https://www.example.com/some/other/static/location -> some static files served directly by Apache, unrelated to Alfresco.

The Issue -

The issue is that we keep on getting loads of browser warnings about some content being secure and some not (we have all seen that from time to time on other sites) and it turns out that the Alfresco community logo is sourced from "http://www.alfresco.com/…" thereby triggering the warning. Now, I feel it is fair to give attribution to Alfresco for using the software but how can I make it use "https://www.alfresco.com/…" instead? I checked, the image can be accessed via HTTPS.

Many many thanks for any answers.

Regards,

Fred.

Outcomes