Help

Configuring Alfresco Comunity 7.0 to work with Https

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
John1244
Active Member
‎30 Aug 2021 9:20 PM

Configuring Alfresco Comunity 7.0 to work with Https

My alfresco configuration:

# Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
version: "2"

services:
alfresco:
image: alfresco/alfresco-content-repository-community:7.0.0
mem_limit: 3000m
environment:
JAVA_TOOL_OPTIONS: "
-Dencryption.keystore.type=JCEKS
-Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding
-Dencryption.keyAlgorithm=DESede
-Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore
-Dmetadata-keystore.password=mp6yc0UD9e
-Dmetadata-keystore.aliases=metadata
-Dmetadata-keystore.metadata.password=oKIWzVdEdA
-Dmetadata-keystore.metadata.algorithm=DESede
"
JAVA_OPTS: "
-Ddir.root=./alf_data
-Ddb.driver=org.postgresql.Driver
-Ddb.username=alfresco
-Ddb.password=alfresco
-Ddb.url=jdbcSmiley Tongueostgresql://postgres:5432/alfresco
-Dsolr.host=solr6
-Dsolr.port=8983
-Dsolr.http.connection.timeout=1000
-Dsolr.secureComms=https
-Dsolr.base.url=/solr
-Dindex.subsystem.name=solr6
-Dshare.host=127.0.0.1
-Dshare.port=8080
-Dalfresco.host=alfresco.local
-Dalfresco.port=8080
-Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos
-Dmessaging.broker.url=\"failoverSmiley Sadnio://activemq:61616)?timeout=3000&jms.useCompression=true\"
-Ddeployment.method=DOCKER_COMPOSE
-DlocalTransform.core-aio.url=http://transform-core-aio:8090/
-Dcsrf.filter.enabled=false
-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80
"
volumes:
#Bind mount SHORT SYNTAX - [SOURCE:]TARGET[:MODE]
#SOURCE can be a named volume or a (relative or absolute) path on the host system.
#TARGET is an absolute path in the container where the volume is mounted.
#MODE is a mount option which can be read-only (ro) or read-write (rw) (default).
#Example: ./data/alfresco/alf_data:/usr/local/tomcat/alf_data/:rw
- ./data/alfresco/alf_data:/usr/local/tomcat/alf_data
- ./keystores/alfresco:/usr/local/tomcat/alf_data/keystore

transform-core-aio:
image: alfresco/alfresco-transform-core-aio:2.3.10
mem_limit: 1536m
environment:
JAVA_OPTS: " -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"
ports:
- 8090:8090

share:
image: alfresco/alfresco-share:7.0.0
mem_limit: 1g
environment:
REPO_HOST: "alfresco"
REPO_PORT: "8080"
JAVA_OPTS: "
-XX:MinRAMPercentage=50
-XX:MaxRAMPercentage=80
-Dalfresco.host=localhost
-Dalfresco.port=8080
-Dalfresco.context=alfresco
-Dalfresco.protocol=http
"

postgres:
image: postgres:13.1
mem_limit: 512m
environment:
- POSTGRES_PASSWORD=alfresco
- POSTGRES_USER=alfresco
- POSTGRES_DB=alfresco
command: postgres -c max_connections=300 -c log_min_messages=LOG
ports:
- 5432:5432
volumes:
- ./data/postgres-data:/var/lib/postgresql/data
- ./logs/postgres:/var/log/postgresql

solr6:
image: alfresco/alfresco-search-services:2.0.1
mem_limit: 2g
environment:
#Solr needs to know how to register itself with Alfresco
- SOLR_ALFRESCO_HOST=alfresco
- SOLR_ALFRESCO_PORT=8080
#Alfresco needs to know how to call solr
- SOLR_SOLR_HOST=solr6
- SOLR_SOLR_PORT=8983
#Create the default alfresco and archive cores
- SOLR_CREATE_ALFRESCO_DEFAULTS=alfresco,archive
#HTTP by default
- ALFRESCO_SECURE_COMMS=https

ports:
- 8083:8983 #Browser port
volumes:
- ./keystores/solr:/opt/alfresco-search-services/keystore

activemq:
image: alfresco/alfresco-activemq:5.16.1
mem_limit: 1g
ports:
- 8161:8161 # Web Console
- 5672:5672 # AMQP
- 61616:61616 # OpenWire
- 61613:61613 # STOMP

proxy:
image: alfresco/alfresco-acs-nginx:3.1.1
mem_limit: 128m
environment:
DISABLE_PROMETHEUS: "true"
DISABLE_SYNCSERVICE: "true"
DISABLE_ADW: "true"
depends_on:
- alfresco
ports:
- 8080:8080
- 443:443
links:
- alfresco
- share
volumes:
- ./proxy/conf/my_proxy.conf:/etc/nginx/my_proxy.conf
- ./proxy/crets:/etc/nginx/crets

my nginx.conf file i renamed to my_proxy.conf because i was getting a device or resource busy error:

events {
worker_connections 1024;
}

http {
server {
listen 8080;
server_name alfresco.local;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_name 172.17.17.11;

ssl_certificate etc/nginx/crets/alfresco.local.crt;
ssl_certificate_key etc/nginx/crets/alfresco.local.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

location / {
proxy_set_header Host $host;

proxy_set_header X-Forwarded-Proto $scheme;

proxy_set_header X-Forwarded-Host $host;

proxy_set_header X-Forwarded-Port $server_port;

proxy_pass http://172.17.17.11:8080/share;
}
}
}

I got this info from : https://dev.to/vishalraj82/using-https-in-docker-for-local-development-nc7
but it is not working (http works though) i used mkcert on linux to make my key and certificate.

0 Kudos
Reply
2 Replies
cristinamr
Advanced
‎31 Aug 2021 8:44 AM

Re: Configuring Alfresco Comunity 7.0 to work with Https

Good morning.

Could you please attach your logs in order to see the technical error?

Cheers,

Cristina.

--
VenziaIT: helping companies since 2005! Our ECM products: AQuA & Seidoc
0 Kudos
Reply
John1244
Active Member
‎31 Aug 2021 5:57 PM

Re: Configuring Alfresco Comunity 7.0 to work with Https

Sorry the logs of what exactlly and how would I do that

0 Kudos
Reply
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.