AnsweredAssumed Answered

Changing the SSL certificate for Tomcat SSL

Question asked by michaelk on Oct 10, 2011
Latest reply on Jul 11, 2012 by dalvim
I using SSL (on port 8443) for access to Alfresco.
I have changed the tomcat/conf/server.xml to….

<Connector port="9009" protocol="AJP/1.3" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" keystoreFile="/var/home/loc/alfresco-4.0.a/alf_data/keystore/ssl.keystore" keystorePass="kT9X6oe68t" keystoreType="JCEKS"
secure="true" connectionTimeout="240000" truststoreFile="/var/home/loc/alfresco-4.0.a/alf_data/keystore/ssl.truststore" truststorePass="kT9X6oe68t" truststoreType="JCEKS"
               clientAuth="false" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="true" />

This works fine but if I change the keystore and truststore to my own certificate (instead of the Alfreso supplied certificate), I can access the site but the data is not available ?

I tried using the procedure in
tomcat/webapps/alfresco/WEB-INF/classes/alfresco/keystore/CreateSSLKeystores.txt
to create new ssl.keystore and ssl.truststore files.  These also could not access the repositories. 

Is my repository protected by the default "Alfresco Cert" and if I change the Tomcat SSL certificate do I screw up access to the repository.

Can I change certificates without starting the repository from scratch and if how ???

thanks….

Outcomes