[Building Sakai] [Deploying Sakai] ssl with 2.8 issue
Steve Swinsburg
steve.swinsburg at gmail.com
Wed Dec 7 01:33:49 PST 2011
Hi,
Read this guide:
https://confluence.sakaiproject.org/display/DOC/Sakai+Admin+Guide+-+Advanced+Tomcat++(and+Apache)+Configuration
The property that Muhammed refers to below is:
force.url.secure=443
Later you probably want to do the SSL in Apache rather than Tomcat.
cheers,
Steve
On 07/12/2011, at 7:06 PM, Muhammad Shoaib wrote:
> Dear Yasir,
>
> You need to uncomment ssl / https in sakai.properties files as well so that it enforce and allow to build / make the internal links using HTTPS
>
> Regards
> Shoaib.
>
> On Fri, Dec 2, 2011 at 3:17 PM, Yasir Arfat <yasir.arfat at nu.edu.pk> wrote:
> Dear All,
>
> I want implement ssl with sakai2.8
> tomcat5.5
>
> First i have created my own certificate using following method
>
>
>
> $ keytool -genkey -alias tomcat -keyalg RSA -keystore mycert.jks
>
> Enter keystore password:
>
> What is your first and last name?
>
> [Unknown]: Chris Barber
>
> What is the name of your organizational unit?
>
> [Unknown]:
>
> What is the name of your organization?
>
> [Unknown]: CB1, INC.
>
> What is the name of your City or Locality?
>
> [Unknown]: Minneapolis
>
> What is the name of your State or Province?
>
> [Unknown]: MN
>
> What is the two-letter country code for this unit?
>
> [Unknown]: US
>
> Is CN=Chris Barber, OU=Unknown, O="CB1, INC.", L=Minneapolis, ST=MN, C=US correct?
>
> [no]: yes
>
>
>
> Enter key password for <tomcat>
>
> (RETURN if same as keystore password):
>
>
>
> i have placed mycert.jks in conf folder in tomcat
>
>
>
> and uncomment the ssl connector in server.xml
>
>
>
> <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
>
> <Connector port="8443" maxHttpHeaderSize="8192"
>
> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>
> enableLookups="false" disableUploadTimeout="true"
>
> acceptCount="100" scheme="https" secure="true"
>
> keystoreFile="conf/mycert.jks"
>
> clientAuth="false" sslProtocol="TLS" />
>
>
>
>
>
> and restart the tomcat server
>
> it redirect to http://localhost:8443/
>
>
>
> but the some content are missing you can see in attached file. below is the error
>
>
>
>
> "The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties,
>
> or you may need to adjust your browser settings."
>
>
>
> If i try to login it gives message "The page cannot be displayed"
>
>
>
> I also try to put the following setting in web.xml
>
>
>
> <!-- redirect all traffic to the SSL port -->
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Automatic SLL Forwarding</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
> but it gives the same error .
>
>
> i set serverurl in sakai properties file
> serverUrl=https://localhost:8080
>
>
>
> and also try this
>
> serverUrl=https://localhost:8443
>
>
>
>
>
>
>
> Please help me how can i solve this problem.
>
>
>
>
>
> --
>
>
> Yasir Arfat | Software Engineer
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad
> Tel +92-(51)-111-128-128 Ext 344 Cell +92-(303)-5900513
> yasir.arfat at nu.edu.pk
>
>
>
>
> --
>
>
> Yasir Arfat | Software Engineer
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad
> Tel +92-(51)-111-128-128 Ext 344 Cell +92-(303)-5900513
> yasir.arfat at nu.edu.pk
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>
>
>
> --
> Regards
> Muhammad Shoaib | Software Engineer
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad
> T +92-(51)-111-128-128 Ext 263 | M +92-331-5442131
>
> _______________________________________________
> production mailing list
> production at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/production
>
> TO UNSUBSCRIBE: send email to production-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20111207/55ed7bb6/attachment.html
More information about the sakai-dev
mailing list