Hi there,
I'm trying to set-up Alfresco Community Edition 5.0d on Tomcat/Ubuntu to run on SSL (I've used a Bitnami installer to set-up on AWS).
So far I've managed to change Tomcat to use SSL with an Alfresco certificate.
I've made changes to Alfresco configuration as described in the documentation (see details below) and I get to the login screen on SSL Port 8443.
However, when I try to log-in I get an error "The remote server may be unavailable or your authentication details have not been recognized."
I know this problem has been discussed before (e.g. https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/configuration/change-alfresco-use-ssl-and) but none of the suggestions seems to work and many linked instruction pages are not available any more.
Here's what I did:
1.) Tomcat configuration => edit server.xml (/apache-tomcat/conf)
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" keystoreFile="/opt/bitnami/apps/alfresco/data/keystore/ssl.keystore" keystorePass="kT9X6oe68t" keystoreType="JCEKS" secure="true" connectionTimeout="240000" truststoreFile="/opt/bitnami/apps/alfresco/data/keystore/ssl.truststore" truststorePass="kT9X6oe68t" truststoreType="JCEKS" clientAuth="false" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="true" maxSavePostSize="-1"/>
2.) Tomcat configuration => edit web.xml (/apache-tomcat/conf)
<!--======================== HTTPS Redirection =========================--><!-- This section has been customized to redirect web resources to HTTPS --><security-constraint><web-resource-collection><web-resource-name>Entire Application</web-resource-name><url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
3.) Alfresco configuration => edit share-config-custom.xml (apache-tomcat/shared/classes/web-extension)
<repository-url>https://localhost:8443/alfresco</repository-url>
and
<config evaluator="string-compare" condition="Remote"><remote><endpoint><id>alfresco-noauth</id><name>Alfresco - unauthenticated access</name><description>Access to Alfresco Repository WebScripts that do not require authentication</description><connector-id>alfresco</connector-id><endpoint-url>https://localhost:8443/alfresco/s</endpoint-url><identity>none</identity></endpoint> <endpoint><id>alfresco</id><name>Alfresco - user access</name><description>Access to Alfresco Repository WebScripts that require user authentication</description><connector-id>alfresco</connector-id><endpoint-url>https://localhost:8443/alfresco/s</endpoint-url><identity>user</identity></endpoint> <endpoint><id>alfresco-feed</id><name>Alfresco Feed</name><description>Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet</description><connector-id>http</connector-id><endpoint-url>https://localhost:8443/alfresco/s</endpoint-url><basic-auth>true</basic-auth><identity>user</identity></endpoint><!--<endpoint><id>activiti-admin</id><name>Activiti Admin UI - user access</name><description>Access to Activiti Admin UI, that requires user authentication</description><connector-id>activiti-admin-connector</connector-id><endpoint-url>http://localhost:8080/alfresco/activiti-admin</endpoint-url><identity>user</identity></endpoint>--></remote></config>
4.) Alfresco configuration => edit alfresco-global.properties (apache-tomcat/shared/classes)
web.application.context.url=https://toolbox.bitnamiapp.com:8443/alfresco alfresco.context=alfresco alfresco.host=toolbox.bitnamiapp.com alfresco.port=8443 alfresco.protocol=https share.context=share share.host=toolbox.bitnamiapp.com share.protocol=https share.port=8443
--
Any help is highly appreciated!
Many thanks
Michael