AnsweredAssumed Answered

SSL via Apache2 Proxy and Tomcat6/Alfresco

Question asked by oblivian on Oct 5, 2009
Latest reply on May 16, 2014 by gopei
Hello,

I am trying to use Apache2 to set up an SSL-connection with Alfresco. I have a reversed proxied Alfresco with Apache2 and SSL, but I get warnings that the connection isn't entirely encrypted.  (Warning: Connection Partially Encrypted) Is there something I have to do on the Alfresco/Tomcat6 side?

Excerpt from http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
It is important to note that configuring Tomcat to take advantage of secure sockets is usually only necessary when running it as a stand-alone web server. When running Tomcat primarily as a Servlet/JSP container behind another web server, such as Apache or Microsoft IIS, it is usually necessary to configure the primary web server to handle the SSL connections from users. Typically, this server will negotiate all SSL-related functionality, then pass on any requests destined for the Tomcat container only after decrypting those requests. Likewise, Tomcat will return cleartext responses, that will be encrypted before being returned to the user's browser. In this environment, Tomcat knows that communications between the primary web server and the client are taking place over a secure connection (because your application needs to be able to ask about this), but it does not participate in the encryption or decryption itself.

So according to the Apache2 documentation it should be sufficiant to encrypt the traffic from/to the Apache2 proxy and not Tomcat6 itself.
So why is the encrypted connection failing? This is in all browsers I've tried, Firefox, IE8, Safari, etc…

Please advice,

Oblivian

Outcomes