liferay

Setting up SSL

Remarks#

Make sure you have a valid ssl certificate provided by a third party. You can also use a selfsigned certificate, but for dev only. Letsencrypt provides free certificates that can be used in production…

Use keytool to import the certificate to the keystorechain of java.

How to enable SSL on Tomcat and Liferay

Make sure your tomcat configurations file, server.xml has this line:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
              maxHttpHeaderSize="8192" SSLEnabled="true"
              maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
              enableLookups="false" disableUploadTimeout="true"
              acceptCount="100" scheme="https" secure="true"
              clientAuth="false" useBodyEncodingForURI="true"
              sslEnabledProtocols="TLSv1.2"
              keystorePass="passwordtokeystore"
              keystoreFile="/path/to/.keystoreChain"
              truststoreFile="%JAVA_HOME%/jdk1.8.0_91/jre/lib/security/cacerts"
              />

Its important to choose the right sslprotocols, you can add more sslprotocols with a comma seperation inbetween the ssl protocols like this:

sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2"

Then make sure that your portal-ext.properties file in Liferay have this configuration lines:

web.server.protocol=https
This modified text is an extract of the original Stack Overflow Documentation created by the contributors and released under CC BY-SA 3.0 This website is not affiliated with Stack Overflow