Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
79:configure_stages [2024/03/08 08:05] – [Configuring SSL Certificate] Weinlein, Thomas | 79:configure_stages [2024/03/08 10:32] (current) – Weinlein, Thomas | ||
---|---|---|---|
Line 42: | Line 42: | ||
| '' | | '' | ||
| Basic configuration ||| | | Basic configuration ||| | ||
- | | '' | + | | '' |
by using variable replacement | by using variable replacement | ||
)) | | )) | | ||
Line 63: | Line 63: | ||
| '' | | '' | ||
| '' | | '' | ||
- | | [[#Configuring SSL Certificate|Certificates]] ||| | + | | [[#configuring-tlsssl-certificate|Certificates]] ||| |
| '' | | '' | ||
| [[kerberos_autologin|Kerberos SSO]] ||| | | [[kerberos_autologin|Kerberos SSO]] ||| | ||
Line 174: | Line 174: | ||
The server.xml for new installations looks as follows: [[server.xml]] | The server.xml for new installations looks as follows: [[server.xml]] | ||
- | Stages is started on TCP/IP port 80, 443 and 8085 and enforces usage of HTTPS by default. Thus, it can be accessed via the URL [[https://< | + | Stages is started on TCP/IP port 80, 443 and 8085 and enforces usage of HTTPS by default. Thus, it can be accessed via the URL [[https://< |
When you try to access Stages via HTTP the client will be redirect to HTTPS instead. | When you try to access Stages via HTTP the client will be redirect to HTTPS instead. | ||
Line 237: | Line 237: | ||
In case you use a IPv6 only configuration please replace '' | In case you use a IPv6 only configuration please replace '' | ||
- | ==== Configuring SSL Certificate ==== | + | Further explanations of the connector attributes are available at [[https:// |
+ | |||
+ | ==== Configuring | ||
Stages comes with a self signed certificate for [[https:// | Stages comes with a self signed certificate for [[https:// | ||
* Register a DNS alias for the server, e.g. “stages.company.com” | * Register a DNS alias for the server, e.g. “stages.company.com” | ||
- | * Apply for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see https:// | + | * Apply for a TLS/SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (e.g. see https:// |
* Store your PKCS#12 (requires JDK 8u301 or newer) or JKS keystore file in '' | * Store your PKCS#12 (requires JDK 8u301 or newer) or JKS keystore file in '' | ||
Line 258: | Line 260: | ||
==== Configuration for usage with Reverse Proxy ==== | ==== Configuration for usage with Reverse Proxy ==== | ||
- | in case you want to terminate the SSL connection on a reverse proxy, you need to adapt the '' | + | in case you want to terminate the TSL connection on a reverse proxy ([[https:// |
E.g. | E.g. | ||
Line 329: | Line 331: | ||
set JAVA_OPTS=[...] -Djavax.net.ssl.trustStoreType=Windows-ROOT -Djavax.net.ssl.trustStore=NUL | set JAVA_OPTS=[...] -Djavax.net.ssl.trustStoreType=Windows-ROOT -Djavax.net.ssl.trustStore=NUL | ||
</ | </ | ||
- | This is the default for new installations of 7.9.14.0 | + | This is the default for new installations of Stages |
Linux: | Linux: |