Secure Alfresco with https

It is simple to setup TomCat to use HTTPS – see the file tomcat/conf/server.xml –

Change redirectPort=”8443″ to “443”

<!– Define a non-SSL HTTP/1.1 Connector on port 8080 –>
<Connector port=”80″ URIEncoding=”UTF-8″ maxHttpHeaderSize=”8192″
maxThreads=”150″ minSpareThreads=”25″ maxSpareThreads=”75″
enableLookups=”false” redirectPort=”443″ acceptCount=”100″
connectionTimeout=”20000″ disableUploadTimeout=”true” />

unremark the SSL HTTP/1.1 Connector and change port to 443

<!– Define a SSL HTTP/1.1 Connector on port 8443 –>
<Connector port=”443″ maxHttpHeaderSize=”8192″
maxThreads=”150″ minSpareThreads=”25″ maxSpareThreads=”75″
enableLookups=”false” disableUploadTimeout=”true”
acceptCount=”100″ scheme=”https” secure=”true”
clientAuth=”false” sslProtocol=”TLS” />

Generate Keystore
* Execute:

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)

with a password value of “changeit” for both the certificate and
the keystore itself.

Leave a Reply