Help

Alfresco behind Load Balancer with SSL offload

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fosterm
Member II
‎11 Aug 2020 9:41 PM

Alfresco behind Load Balancer with SSL offload

We are moving our Alfresco installation from behind an Apache proxy using AJP to use a load-balancer that is doing SSL offloading and forwarding requests directly to the backend by modifying the proxy settings in tomcat/conf/server.xml. However, the Configuring SSL for a production environment  documentation says to protect the following endpoints:

/share/*/proxy/alfresco/api/solr/*
/share/-default-/proxy/alfresco/api/*

What examples of URLs are there with "/share/*/proxy"? How can I determine what the application is using for "*" in this scnenario? There isn't anything in the solr documentation about this and the only page that references these is this SSL configuration page.

We tried blocking "/share/proxy/alfresco/api" thinking that was what a pattern, but blocking that URL breaks the application as the dashboard or other items don't load. I don't know that is possible at the moment to create rules on our LB to redirect a URL with multiple wildcards. Is there a more comphresensive list of actual URLs used by the server with "share/*/proxy" based on our configuration or is there a way to redirect these in tomcat or ? 

0 Kudos
Reply
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.