AnsweredAssumed Answered

Change Tomcat/Alfresco to use SSL and Share stops authenticating

Question asked by mweber37 on Aug 13, 2015
Hi there,

I'm trying to set-up Alfresco Community Edition 5.0d on Tomcat/Ubuntu to run on SSL (I've used a Bitnami installer to set-up on AWS).

So far I've managed to change Tomcat to use SSL with an Alfresco certificate.
I've made changes to Alfresco configuration as described in the documentation (see details below) and I get to the login screen on SSL Port 8443.

However, when I try to log-in I get an error "The remote server may be unavailable or your authentication details have not been recognized."

I know this problem has been discussed before (e.g. https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/configuration/change-alfresco-use-ssl-and) but none of the suggestions seems to work and many linked instruction pages are not available any more.

Here's what I did:

<strong>1.) Tomcat configuration => edit server.xml</strong> (/apache-tomcat/conf)


<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" keystoreFile="/opt/bitnami/apps/alfresco/data/keystore/ssl.keystore" keystorePass="kT9X6oe68t" keystoreType="JCEKS" secure="true" connectionTimeout="240000" truststoreFile="/opt/bitnami/apps/alfresco/data/keystore/ssl.truststore" truststorePass="kT9X6oe68t" truststoreType="JCEKS" clientAuth="false" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="true" maxSavePostSize="-1" /> 


<strong>2.) Tomcat configuration => edit web.xml </strong>(/apache-tomcat/conf)


<!– ======================== HTTPS Redirection ========================= –>
<!– This section has been customized to redirect web resources to HTTPS –>
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>


<strong>3.) Alfresco configuration => edit share-config-custom.xml </strong>(apache-tomcat/shared/classes/web-extension)


<repository-url>https://localhost:8443/alfresco</repository-url>


and


<config evaluator="string-compare" condition="Remote">
      <remote>
         <endpoint>
            <id>alfresco-noauth</id>
            <name>Alfresco - unauthenticated access</name>
            <description>Access to Alfresco Repository WebScripts that do not require authentication</description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>https://localhost:8443/alfresco/s</endpoint-url>
            <identity>none</identity>
         </endpoint>

         <endpoint>
            <id>alfresco</id>
            <name>Alfresco - user access</name>
            <description>Access to Alfresco Repository WebScripts that require user authentication</description>
            <connector-id>alfresco</connector-id>
            <endpoint-url>https://localhost:8443/alfresco/s</endpoint-url>
            <identity>user</identity>
         </endpoint>

         <endpoint>
            <id>alfresco-feed</id>
            <name>Alfresco Feed</name>
            <description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description>
            <connector-id>http</connector-id>
            <endpoint-url>https://localhost:8443/alfresco/s</endpoint-url>
            <basic-auth>true</basic-auth>
            <identity>user</identity>
         </endpoint>
         <!–
         <endpoint>
            <id>activiti-admin</id>
            <name>Activiti Admin UI - user access</name>
            <description>Access to Activiti Admin UI, that requires user authentication</description>
            <connector-id>activiti-admin-connector</connector-id>
            <endpoint-url>http://localhost:8080/alfresco/activiti-admin</endpoint-url>
            <identity>user</identity>
         </endpoint>
         –>
      </remote>
</config>


<strong>4.) Alfresco configuration => edit alfresco-global.properties</strong>  (apache-tomcat/shared/classes)


web.application.context.url=https://toolbox.bitnamiapp.com:8443/alfresco

alfresco.context=alfresco
alfresco.host=toolbox.bitnamiapp.com
alfresco.port=8443
alfresco.protocol=https

share.context=share
share.host=toolbox.bitnamiapp.com
share.protocol=https
share.port=8443




Any help is highly appreciated!

Many thanks
Michael

Outcomes