Alfresco behind pfsense NAT not secure even with valid certificate

cancel
Showing results for 
Search instead for 
Did you mean: 
mmerlone
Active Member

Alfresco behind pfsense NAT not secure even with valid certificate

Jump to solution

Hi,

Not sure if this is alfresco related but maybe someone could give me some insight.

I have an alfresco instance (https://alfresco.a1.ind.br) running from a port-forward rule on my pfsense firewall. I have the same configuration for our site (https://a1.ind.br) and it works fine.

Some users are complaining about invalid certificate and thus no closed padlock icon. When I check from Chrome it says this site is not secure, but the certificate is a valid LetsEncrypt . Checking on https://www.digicert.com/help/ all seems fine.

What could be wrong?

Thanks for any help!

1 Solution

Accepted Solutions
mmerlone
Active Member

Re: Alfresco behind pfsense NAT not secure even with valid certificate

Jump to solution

Never mind.

Just found a link to http://www.becpf.fr/becpg-plm-community-2.2.1.png on ./tomcat/webapps/share/WEB-INF/classes/alfresco/becpg-plm-share-config.xml. Changed to https and is all set.

Sorry for the noise, best regards.

View solution in original post

3 Replies
mmerlone
Active Member

Re: Alfresco behind pfsense NAT not secure even with valid certificate

Jump to solution

Never mind.

Just found a link to http://www.becpf.fr/becpg-plm-community-2.2.1.png on ./tomcat/webapps/share/WEB-INF/classes/alfresco/becpg-plm-share-config.xml. Changed to https and is all set.

Sorry for the noise, best regards.

EddieMay
Alfresco Employee

Re: Alfresco behind pfsense NAT not secure even with valid certificate

Jump to solution

Hi @mmerlone,

Great you found a solution and thanks for updating your thread - really useful to other users. 

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
zerros
Active Member

Re: Alfresco behind pfsense NAT not secure even with valid certificate

Jump to solution

Hello,

sorry for my bad english. I'm actually creating a fresh infra to test alfresco using a pfsense in front. Using port-forwarding solution is not a good practice. The best way is to use a reverse proxy on top of alfresco (haproxy). pfsense can provide haproxy and use let's encrypt with acme, or you can forward all request to a reverse proxy component (apache, nginx, haproxy, etc) in front of alfresco Smiley Wink