[Building Sakai] [Deploying Sakai] ssl with 2.8 issue

Steve Swinsburg steve.swinsburg at gmail.com
Wed Dec 7 01:33:49 PST 2011 

Hi,

Read this guide:
https://confluence.sakaiproject.org/display/DOC/Sakai+Admin+Guide+-+Advanced+Tomcat++(and+Apache)+Configuration

The property that Muhammed refers to below is:
force.url.secure=443

Later you probably want to do the SSL in Apache rather than Tomcat.

cheers,
Steve



On 07/12/2011, at 7:06 PM, Muhammad Shoaib wrote:

> Dear Yasir, 
> 
> You need to uncomment ssl / https in sakai.properties files as well so that it enforce and allow to build / make the internal links using HTTPS
> 
> Regards
> Shoaib. 
> 
> On Fri, Dec 2, 2011 at 3:17 PM, Yasir Arfat <yasir.arfat at nu.edu.pk> wrote:
> Dear All,
> 
> I want implement ssl with sakai2.8
> tomcat5.5
> 
> First i have created my own certificate using following method
> 
> 
> 
> $ keytool -genkey -alias tomcat -keyalg RSA -keystore mycert.jks
> 
> Enter keystore password:  
> 
> What is your first and last name?
> 
>   [Unknown]:  Chris Barber
> 
> What is the name of your organizational unit?
> 
>   [Unknown]:
> 
> What is the name of your organization?
> 
>   [Unknown]:  CB1, INC.
> 
> What is the name of your City or Locality?
> 
>   [Unknown]:  Minneapolis
> 
> What is the name of your State or Province?
> 
>   [Unknown]:  MN
> 
> What is the two-letter country code for this unit?
> 
>   [Unknown]:  US
> 
> Is CN=Chris Barber, OU=Unknown, O="CB1, INC.", L=Minneapolis, ST=MN, C=US correct?
> 
>   [no]:  yes
> 
>  
> 
> Enter key password for <tomcat>
> 
>         (RETURN if same as keystore password):
> 
> 
> 
> i have placed mycert.jks in conf folder in tomcat
> 
> 
> 
> and uncomment the ssl connector in server.xml
> 
> 
> 
> <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
> 
> <Connector port="8443" maxHttpHeaderSize="8192"
> 
>         maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> 
>         enableLookups="false" disableUploadTimeout="true"
> 
>         acceptCount="100" scheme="https" secure="true"
> 
>         keystoreFile="conf/mycert.jks"
> 
>         clientAuth="false" sslProtocol="TLS" />
> 
> 
> 
> 
> 
> and restart the tomcat server
> 
> it redirect to http://localhost:8443/
> 
> 
> 
> but the some content are missing you can see in attached file. below is the error
> 
> 
>  
> 
> "The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, 
> 
> or you may need to adjust your browser settings."
> 
> 
> 
> If i try to login it gives message "The page cannot be displayed"
> 
> 
> 
> I also try to put the following setting in web.xml
> 
> 
> 
> <!-- redirect all traffic to the SSL port -->
> <security-constraint>
>   <web-resource-collection>
>     <web-resource-name>Automatic SLL Forwarding</web-resource-name>
>     <url-pattern>/*</url-pattern>
>   </web-resource-collection>
>   <user-data-constraint>
>     <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>   </user-data-constraint>
> </security-constraint>
> 
> but it gives the same error .
> 
> 
> i set serverurl in sakai properties file
> serverUrl=https://localhost:8080
> 
> 
> 
> and also try this
> 
> serverUrl=https://localhost:8443
> 
> 
> 
> 
> 
> 
> 
> Please help me how can i solve this problem.
> 
> 
> 
> 
> 
> -- 
>  
>  
> Yasir Arfat | Software Engineer  
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad 
> Tel +92-(51)-111-128-128 Ext 344  Cell +92-(303)-5900513
> yasir.arfat at nu.edu.pk
> 
> 
> 
> 
> -- 
>  
>  
> Yasir Arfat | Software Engineer  
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad 
> Tel +92-(51)-111-128-128 Ext 344  Cell +92-(303)-5900513
> yasir.arfat at nu.edu.pk
> 
> 
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> 
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
> 
> 
> 
> -- 
> Regards 
> Muhammad Shoaib | Software Engineer  
> National University of Computer and Emerging Sciences
> A. K. Brohi Road (Near Police Line) H11/4 Islamabad 
> T +92-(51)-111-128-128 Ext 263 | M +92-331-5442131
> 
> _______________________________________________
> production mailing list
> production at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/production
> 
> TO UNSUBSCRIBE: send email to production-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20111207/55ed7bb6/attachment.html

More information about the sakai-dev mailing list