Setting up SSL

Other topics

Remarks:

Make sure you have a valid ssl certificate provided by a third party. You can also use a selfsigned certificate, but for dev only. Letsencrypt provides free certificates that can be used in production....

Use keytool to import the certificate to the keystorechain of java.

How to enable SSL on Tomcat and Liferay

Make sure your tomcat configurations file, server.xml has this line:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
              maxHttpHeaderSize="8192" SSLEnabled="true"
              maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
              enableLookups="false" disableUploadTimeout="true"
              acceptCount="100" scheme="https" secure="true"
              clientAuth="false" useBodyEncodingForURI="true"
              sslEnabledProtocols="TLSv1.2"
              keystorePass="passwordtokeystore"
              keystoreFile="/path/to/.keystoreChain"
              truststoreFile="%JAVA_HOME%/jdk1.8.0_91/jre/lib/security/cacerts"
              />

Its important to choose the right sslprotocols, you can add more sslprotocols with a comma seperation inbetween the ssl protocols like this:

sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2"

Then make sure that your portal-ext.properties file in Liferay have this configuration lines:

web.server.protocol=https

Contributors

Topic Id: 4320

Example Ids: 15084

This site is not affiliated with any of the contributors.