Alfresco 5.2 on GCP setting up SSL with Certbot

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Member

Alfresco 5.2 on GCP setting up SSL with Certbot

EDIT: The connection to /alfresco and the admin console works with https.
Only /share is not reachable and the page "Something's wrong with this page..." is displayed after login. 

I am a beginner and hope someone here can help me. I installed Alfresco from the Market on GCP and assigned a fixed IP to the instance. I want to set up HTTPS now, so I went the way via Certbot. I have changed these entries in the "alfresco-global. properties".

alfresco.port=443
alfresco.protocol=https
share.port=443
share.protocol=https

A) I have the following configuration:

  1. Domain at Active24 (A record points to server)
  2. Server is Alfresco on a VM instance on GCP
  3. Server is Apache Tomcat on Debian 9
  4. I can manage on the command line, but it's not my daily business.
  5. I installed Certbot and had the certificate installed (sudo certbot --apache)

B) Now, after installing Certbot, here's the situation:

  1. When I open the URL/Domain I get to the Alfresco Login Screen. Browser does not show HTTPS.
  2. After entering my login data, HTTPS appears, but I cannot access the Share environment. Instead I see an Alfresco error page with a button to return to the dashboard.
  3. When I click on the "Back to Dashboard" button, I return to the login screen.

I think I still have to configure Apache to forward to the appropriate destinations. But I can't find any instructions for this.

C) My next questions are:

  1. Did Certbot install an additional server as a proxy, or did it configure the existing one?
  2. In which directory do I find the appropriate server settings?

Thanks a lot!

3 Replies
Highlighted
Senior Member

Re: Alfresco 5.2 on GCP setting up SSL with Certbot

You should (if not already done in your GCP VM) install/configure apache2 or nginx as a reverse proxy using the certbot ssl sertificate your created before. Take a look into Alfresco's docker examples how to do that:
apache2 config from alfresco-docker-template 

or loftux's alfresco-ubuntu-install scripts containting nxinx default config 

Highlighted
Active Member

Re: Alfresco 5.2 on GCP setting up SSL with Certbot

Apache2 is already running and https also works on https://www.mydomain.xy/alfresco and the admin console. only share cannot be reached. After login a page with "Something's wrong with this page..." appears and from there it goes back to the login screen.

Highlighted
Senior Member

Re: Alfresco 5.2 on GCP setting up SSL with Certbot

This sounds like an CSRF Token Filter issue and should be logged in your alfresco.log / catalina.out

If you set  share.host / port / protocol in alfresco-global.properties as seen from the browser you should be fine / shouldn't need to struggle with CSRFPolicy configs ...