我已将alfresco配置为在端口443上使用HTTPS。 由于tomcat正在使用APR连接器,我必须为SSL连接(而不是.keystore文件)生成.cer文件和.key文件 我已经提到了以下链接: http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
http://docs.alfresco.com/4.2/tasks/SharePoint-SSL.html
以下是我的server.xml文件中的设置:
<Connector
protocol="HTTP/1.1"
port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/root/mycompany.crt"
SSLCertificateKeyFile="/root/mycompany.key"
SSLVerifyClient="optional" SSLProtocol="TLSv1"/>
alfresco-global.properties有以下变化:
alfresco.port=443
alfresco.protocol=https
share.port=443
share.protocol=https
现在https://sitename.com/share正常工作,除了MS Office编辑在线部分。
任何人都可以告诉vti共享点协议部分应该配置什么配置:
vti.server.port=7070
vti.server.protocol=https
vti.server.ssl.keystore=/opt/alfresco-4.2.2/alf_data/keystore/ssl.keystore
vti.server.ssl.password=kT9X6oe68t
vti.server.url.path.prefix=/alfresco
vti.server.external.host=localhost
vti.server.external.port=7070
vti.server.external.protocol=https
vti.server.external.contextPath=/alfresco
请帮忙。 谢谢!
答案 0 :(得分:1)
对于真正的sharepoint协议SSL,您需要覆盖 vtiServerConnector bean,如下所示:
<!-- Use this Connector instead for SSL communications -->
<!-- You will need to set the location of the KeyStore holding your -->
<!-- server certificate, along with the KeyStore password -->
<!-- You should also update the vti.server.protocol property to https -->
<bean id="vtiServerConnector" class="org.mortbay.jetty.security.SslSocketConnector">
<property name="port">
<value>${vti.server.port}</value>
</property>
<property name="headerBufferSize">
<value>8192</value>
</property>
<property name="maxIdleTime">
<value>30000</value>
</property>
<property name="keystore">
<value>${vti.server.ssl.keystore}</value>
</property>
<property name="keyPassword">
<value>${vti.server.ssl.password}</value>
</property>
<property name="password">
<value>${vti.server.ssl.password}</value>
</property>
<property name="keystoreType">
<value>JCEKS</value>
</property>
</bean>
将alfresco-global.properties中的 vti.server.external.protocol 更改为 https
并设置正确的值voor vti.server.ssl.keystore 和 vti.server.ssl.password
答案 1 :(得分:1)
经过几周的Alfresco文档挣扎(与实际工作的步骤明显不同)和在线链接的帮助后,我最终能够在Linux OS上的Alfresco中使用sharepoint协议配置HTTPS,来自GoDaddy CA的证书。
以下是详细的步骤列表:
安装颁发的证书 keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file domain.crt
server.xml中的更改
使用端口443进行SSL 添加新连接器443
<Connector port="443" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" keystoreFile="/opt/alfresco-4.2.3.1/tomcat/tomcat.keystore" keystorePass="changeit" keystoreType="JKS" secure="true" connectionTimeout="240000" truststoreFile="/opt/alfresco-4.2.3.1/tomcat/tomcat.keystore" truststorePass="changeit" truststoreType="JKS" clientAuth="want" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="true" maxHttpHeaderSize="32768" />
将重定向端口添加到普通8080端口
<Connector port="8080" URIEncoding="UTF-8" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" maxHttpHeaderSize="32768" />
9。重启tomcat。现在露天应该使用https
更新alfresco-global.properties vti.server.port = 7070 vti.server.protocol = HTTPS vti.server.ssl.keystore = /选择/露天-4.2.3.1 / Tomcat的/ tomcat.keystore vti.server.ssl.password =的changeit vti.server.url.path.prefix = /露天 vti.server.external.host = servername.domain.com vti.server.external.port = 7070 vti.server.external.protocol = HTTPS vti.server.external.contextPath = /露天
在tomcat / webapps / alfresco / WEB-中更改vti -context.xml文件 INF / classes / alfresco / module / org.alfresco.module.vti / context / vti-context.xml as: 注释掉现有的&#34; vtiServerConnector&#34;豆,并取消注释 类=&#34; org.mortbay.jetty.security.SslSocketConnector&#34;&GT;