Liferay SSL Configuration - JBOSS Bundle - Forums

掲示板

Liferay SSL Configuration - JBOSS Bundle

9年前に babu babu によって更新されました。

Liferay SSL Configuration - JBOSS Bundle

New Member 投稿: 18 参加年月日: 11/06/17 最新の投稿

Hi All,

I'am using the liferay jboss bundle - version : liferay-portal-6.2-ce-ga2

Currently I'am doing the SSL Configuration for our Liferay. I took guidance from the below blog which was very much helpful.

https://www.liferay.com/web/meera.success/blog/-/blogs/liferay-portal-ssl-configuration

I'am able to successfully load the login page in https. https://localhost:8443/

The issue start when I try to login.
When I try to login(with defadefaultuly test user credentials) I get the error,
"Webpage not available".

Below is the URL the browser trying to hit when I try to login.

https://localhost/web/guest/home?p_p_id=58&p_p_lifecycle=1&p_p_state=normal&p_p_mode=view&p_p_col_id=column-1&p_p_col_count=1&_58_struts_action=%2Flogin%2Flogin

So, I cannot proceed with the https site further.
In http, its working fine as usual.

Any help would be very much helpful to me.

FYI, I also try extending some portal properties

company.security.auth.requires.https=true
session.enable.phishing.protection=false
web.server.protocol=https

But issue remain the same.

Looking forward for a reply.

Thanks,
Nagaraj.

9年前に Neil Griffin によって更新されました。

Moved to Liferay Portal - Development category

Liferay Legend 投稿: 2655 参加年月日: 05/07/27 最新の投稿

Hi Nagaraj,

I just moved this thread to the "Liferay Portal - Development category" because this question would be best handled by the experts in the community.

Kind Regards,

Neil

9年前に babu babu によって更新されました。

RE: Liferay SSL Configuration - JBOSS Bundle

New Member 投稿: 18 参加年月日: 11/06/17 最新の投稿

HI All,

At last my problem got resolved.

After doing all steps as said in the SSL post. And after extending the below portal properties,

company.security.auth.requires.https=true
session.enable.phishing.protection=false
web.server.protocol=https

I just missed to add,

web.server.https.port=8443

After adding , my problem got resolved.

Thanks,
Nagaraj.

9年前に Tomas Polesovsky によって更新されました。

RE: Liferay SSL Configuration - JBOSS Bundle

Liferay Master 投稿: 676 参加年月日: 09/02/13 最新の投稿

Hi,

are you going to use your portal only with HTTPS? That would be great!

If so, then:
1, you don't need

session.enable.phishing.protection=false

Disabling this protection pose a security risk - session fixation attack.

2, I'd also recommend to install HSTS plugin from marketplace - https://www.liferay.com/marketplace/-/mp/application/27551660

9年前に Olaf Kock によって更新されました。

RE: Liferay SSL Configuration - JBOSS Bundle

Liferay Legend 投稿: 6403 参加年月日: 08/09/23 最新の投稿

Tomas Polesovsky:

2, I'd also recommend to install HSTS plugin from marketplace - https://www.liferay.com/marketplace/-/mp/application/27551660

Thanks for the recommendation.

There are two caveats in this case: By design, it doesn't work with self-signed certificates, and it requires standard ports, 80 and 443, for HTTP and HTTPS access, because the browsers would just replace the protocols in a URL, no ports - e.g. http://www.example.com:8080/ would be rewritten to https://www.example.com:8080/, which obviously can't work.

Other than that, I've just updated the plugin, so now I can claim that I found the way to enable mixed-mode http/https, which so many people want to have: You can configure HSTS to only kick in if you're authenticated. Anonymous access to https is possible, but won't be forced to stay in https always, while you get the HSTS header as soon as you log in to the portal.