How to install the renewed public SSL certificate

kingryu · ‎10 Mar 2020

Dear,

I'm a zero-knowledge person with Alfresco
By the way, I've been assigned to taking care of the SSL certificate renewal
I've tried some research but still don't know how and where to start with

The system is running with Alfresco Community v5.1e (Windows-based)
It's installed and configured by 3rd party a long time ago before I joined and unable to contact them now
The system is including with 2 servers, web server and database server (from my understanding)
From IIS on the webserver, I saw that there's a public SSL certificate installed
I've requested a new certificate and tried to install from IIS but seem it's doesn't work
From my research, it seems like Alfresco isn't working with the IIS?
So, I don't know what should I have to do to replace the renewed certificate now.
Anybody can help me, please?

angelborroy · ‎10 Mar 2020

Not sure on how is configured your server.

Hope this helps:

https://hub.alfresco.com/t5/alfresco-content-services-blog/alfresco-mtls-configuration-deep-dive/ba-...

https://hub.alfresco.com/t5/alfresco-content-services-blog/alfresco-6-1-is-coming-with-mutual-tls-au...

Hyland Developer Evangelist

kingryu · ‎11 Mar 2020

Thanks, for your help.
I've tried to verify with both links you've mentioned.
Seem like the system is configured using the MTLS with SSL now.
Let's see a part of the "server.xml" and "alfresco.global.properties" below.
Then how can I replace the SSL certificate please?

====================================================================================


<Connector port="8009" URIEncoding="UTF-8" protocol="AJP/1.3" redirectPort="8443" />
<Connector port="8443" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" keystoreFile="E:\alfresco-community/alf_data/keystore/ssl.keystore" keystorePass="kT9X6oe68t" keystoreType="JCEKS" secure="true" connectionTimeout="240000" truststoreFile="E:\alfresco-community/alf_data/keystore/ssl.truststore" truststorePass="kT9X6oe68t" truststoreType="JCEKS" clientAuth="want" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="true" maxHttpHeaderSize="32768" maxSavePostSize="-1" />

====================================================================================

### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.host=localhost
solr.port.ssl=8443

====================================================================================

kingryu · ‎23 Mar 2020

Hi @angelborroy

I've got new information regarding my server configuration.
Our SSL Cert. is currently installed on Nginx.
We use Nginx for revert proxy for Alfresco.
Do you mind guiding me step by step to install the new certificate file please?

Regards,