AnsweredAssumed Answered

Help me secure Alfresco (SSL)

Question asked by newadmin on Jun 26, 2012
Latest reply on Mar 24, 2014 by kuldeep
Hello all,

We've been using Alfresco in our environment for a while now and now want to make it accessible outside our network. Before we can do so we of course want to secure it with SSL. I've been looking at the instructions in the Alfresco documentation, but I'm a bit confused. I have imported the SSL certificate into a keystore with the alias tomcat.jks, but I cant quite figure out how to configure Alfresco.

In the documentation it says to add the following to the server.xml file:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" keystoreFile="../../data/keystore/ssl.keystore" keystorePass="kT9X6oe68t" keystoreType="JCEKS"
secure="true" connectionTimeout="240000" truststoreFile="../../data/keystore/ssl.truststore" truststorePass="kT9X6oe68t" truststoreType="JCEKS"
               clientAuth="false" sslProtocol="TLS" /> 

A few things I don't understand about this.

1) I don't know what a JECKS keystore type is, or how to figure out what kind of keystore I have.
2) I don't know what the truststore file is or how to use it. Should I leave these values at defaults or adjust them for my specific setup?

Any assistance you could provide would be appreciated. My installation is running on Windows 2008.