That is your issue. Apache has the cert installed via LetEncrypt.
Tomcat which is running on 5443 needs to have the configuration set to
know where the cert is located as well as the keystore created.
You can do two things. Proxy through Apache, or configure your OM
instance to be able to read where the keys are.
LetEncrypt places the cert at:
/etc/letsencrypt/live/<domain>
On 7/4/19 11:34 AM, Xavier M wrote:
Hem... No... Do you mean I have to copy and paste the certificate in
each folder? Actually, I even don't know where the certificate is to
be found on the server... But I guess I find it somewhere if needed.
Xavier
------------------------------------------------------------------------
*De :* Stefan Kühl <ste...@quatrekuehl.eu>
*Envoyé :* jeudi 4 juillet 2019 17:06
*À :* user@openmeetings.apache.org
*Cc :* R. Scholz
*Objet :* Re: Log-in and security
Hi @all,
port should be irrelevant. I'm using Apache on Ubuntu with port 5443
too. https works as expected.
Did you export they certificate keys (like keystore and trustscore) to
your %OM%/conf folder?
Greetz
Stefan
Am 04.07.2019 16:57, schrieb R. Scholz:
Hello Xavier,
Hm, you using on Port 80 Tomcat or Apache?
Best regards,
René
Am 04.07.2019 um 16:24 schrieb Xavier M:
Thank you for answering... I'm sorry, but I don't know enough about
certificates to give you a relevant answer. I think that :
* The common name is "rusa.fr"
* There is no subject alternative name (even www.rusa.fr
<http://www.rusa.fr>)
* It is not a wildcard
... But I'm not 100% sure, it is the first time I administrate a
server, I'm discovering many things at the same time!
Xavier
------------------------------------------------------------------------
*De :* Clayton, Robin <robin.clay...@cumberland.co.uk>
<mailto:robin.clay...@cumberland.co.uk>
*Envoyé :* jeudi 4 juillet 2019 15:43
*À :* user@openmeetings.apache.org <mailto:user@openmeetings.apache.org>
*Objet :* RE: Log-in and security
What is the CN of the certificate, is there any SAN entries on the
certificate? Or is it a wildcard?
The TCP port should be irrelevant.
Rob
*From:*Stefan Kühl [mailto:ste...@quatrekuehl.eu]
*Sent:* 04 July 2019 14:16
*To:* user@openmeetings.apache.org <mailto:user@openmeetings.apache.org>
*Cc:* Xavier M
*Subject:* Re: Log-in and security
Hi,
are you sure that you request your certificate also for domain.eu
<http://domain.eu> or only for www.domain.eu <http://www.domain.eu>.
You should check this. Sometimes webhoster only use the www adresses
for certificates.
Greetz
Stefan
Am 04.07.2019 14:18, schrieb Xavier M:
Hi everybody,
I'm quite sure that the answer is already somewhere, but I
couldn't find it...
After having installed OM on a web-server, the "written" way to
access to the log-in is following, according to Alvaro's tuto:
https://localhost:5443/openmeetings
If OM is installed on a web server, let's say "domain.eu
<http://domain.eu>", it works correctly with:
https://domain.eu:5443/openmeetings
But the user will get a warning for security reason, even if
domain.eu <http://domain.eu> works with https, since the common
certificates will not work with this port.
I stated that following URL worked for the "demo version":
https://om.alteametasoft.com/openmeetings
Does anyone know how this was done? I would like to avoid the
use of the port 5443 with the warning.
Have a good day!
Xavier
*Disclaimer*
This email has been scanned by the Mimecast security service.
*Disclaimer*
Please, consider your environmental responsibility. Before printing
this e-mail ask yourself: Do I need a hard copy?
Cumberland Building Society
Cumberland House
Cooper Way
Parkhouse
CARLISLE CA3 0JF
To help us monitor and improve customer service telephone calls may
be recorded.
Cumberland Building Society is authorised by the Prudential
Regulation Authority and regulated by the Financial Conduct
Authority and Prudential Regulation Authority. We arrange life
assurance and critical illness cover only with Legal & General
Assurance Society Limited and general insurance only with Aviva
Insurance Limited.
To find out more about us, visit _www.cumberland.co.uk_
<http://www.cumberland.co.uk/>
CONFIDENTIALITY: This e-mail and any files transmitted with it are
confidential, may be legally privileged and are intended for the
addressee(s) only. If you are not the intended recipient you may not
disclose, copy, distribute, or retain all or part of this e-mail
without our authority. Please notify the sender immediately by
replying to this e-mail and then permanently delete it.
Any views or opinions expressed are solely those of the author and
do not necessarily represent those of Cumberland Building Society or
any of its subsidiaries.
Although we have taken steps to ensure that this e-mail and any
attachments are free from virus contamination, please rely on your
own virus checking procedures as no guarantee is implied or given.
We will not be liable for any loss or damage arising from alteration
of the contents of this e-mail by a third party or as a result of
any virus.
This email has been scanned by the Mimecast security service.
