AnsweredAssumed Answered

SSL Sharepoint behind Ngnix Proxy help

Question asked by wdickinson on Apr 14, 2015
Latest reply on Apr 15, 2015 by eswbitto
Thanks to everyone in advance for taking a look.

After devoting several weeks of configurations, tear downs and rebuilds, and scouring the forum for related posts, I believe I am very close to having Alfresco 5.0.d up and running behind a Nginx Reverse Proxy.  Currently running Ubuntu 14.04.

All certs are set up, and ssl is working great for accessing the share.  However I can only get sharepoint documents to edit online if I do the reg hack to allow basic and ssl communications, found here http://support.microsoft.com/kb/2123563.  If I remove those hacks I just get a blank page.  I believe this is an indication that the documents are not being served securely which is the goal.

Many of the first attempts of using Tomcat broke various functions of Alfresco, so I went the reverse proxy route that so many recommended.

I am currently confused if I need to add the vti settings to the vti.custom file (would have to create) as well as the alfresco.global.properties file.  I believe I shouldn't have to, but can't for the life of me figure out how I need to set up the reverse proxy conf file.  Please find my config below for your consideration.  I have seen various posts saying this is functioning great, but no detailed instructions on how to complete.


As I said, i very much appreciate any light someone could shed on the situation.

Thank you for your time.

server{
listen    443;
server_name    host.domain.com;
ssl         on;
ssl_certificate /etc/ssl/certs/domain.crt;
ssl_certificate_key /etc/ssl/private/domain.com.key;
rewrite ^/$    /share;


location /share {
root    /opt/alfresco/tomcat/webapps/share/;
proxy_pass    https://127.0.0.1:8443;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}

location / {
proxy_pass    https://127.0.0.1:7070;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}


location /alfresco {
proxy_pass    https://127.0.0.1:7070/alfresco;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}

location /_vti-bin {
proxy_pass    https://127.0.0.1:7070/_vti_bin.html;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}

location /_vti-inf-html {
proxy_pass    https://127.0.0.1:7070/_vti_inf.html;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}

location /_vti_history {
proxy_pass    https://localhost:7070/_vti_history;
proxy_set_header    X-Real-IP    $remote_addr;
proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
proxy_set_header    host    $host;
proxy_set_header    X-Forwarded-Server    $host;
}
}

Outcomes