
Commit 3a5868a

committed
Fix Repository TLS Configuration for Tomcat 10
1 parent 58ba09e commit 3a5868a


8 files changed

+32
-18
lines changed


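--- a/generators/app/templates/23.1/docker-compose.yml
+++ b/generators/app/templates/23.1/docker-compose.yml
@@ -12,7 +12,8 @@ services:
 TRUSTSTORE_TYPE: JCEKS
 TRUSTSTORE_PASS: truststore
 KEYSTORE_TYPE: JCEKS
-KEYSTORE_PASS: keystore <% } %>
+KEYSTORE_PASS: keystore
+CERT_ALIAS: ssl.repo <% } %>
 mem_limit: <%=ram/2%>m
 depends_on: <% if (db == 'postgres') { %>
 - postgres <% } %> <% if (db == 'mariadb') { %>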
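Review bot: `CERT_ALIAS: ssl.repo` is a fixed value that has to match the alias of the key entry inside `ssl.keystore`, and nothing in the template says so; the same line is added to the 7.1, 7.2, 7.3 and 7.4 templates. The Dockerfile in this commit writes the value into `certificateKeyAlias`, so a keystore created with a different alias would presumably leave the 8443 connector without a usable certificate. A comment on the line above it, `# CERT_ALIAS must be the alias of the repository key in ssl.keystore`, would document the coupling. How the keystore is generated is not visible in this commit, so the expected alias should be confirmed there. The `services:` block starts and ends outside the hunk.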

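--- a/generators/app/templates/7.1/docker-compose.yml
+++ b/generators/app/templates/7.1/docker-compose.yml
@@ -12,7 +12,8 @@ services:
 TRUSTSTORE_TYPE: JCEKS
 TRUSTSTORE_PASS: truststore
 KEYSTORE_TYPE: JCEKS
-KEYSTORE_PASS: keystore <% } %>
+KEYSTORE_PASS: keystore
+CERT_ALIAS: ssl.repo <% } %>
 mem_limit: <%=ram/2%>m
 depends_on: <% if (db == 'postgres') { %>
 - postgres <% } %> <% if (db == 'mariadb') { %>
@@ -88,7 +89,7 @@ services:
 -Dmail.password=
 -Dmail.protocol=smtp
 -Dmail.smtps.starttls.enable=false
--Dmail.smtps.auth=false <% } else { %>
+-Dmail.smtps.auth=false <% } else { %>
 -Ddev.email.not.sent=true <% } if (ldap == "true") { %>
 -Dauthentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
 -Dldap.authentication.active=true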

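--- a/generators/app/templates/7.2/docker-compose.yml
+++ b/generators/app/templates/7.2/docker-compose.yml
@@ -12,7 +12,8 @@ services:
 TRUSTSTORE_TYPE: JCEKS
 TRUSTSTORE_PASS: truststore
 KEYSTORE_TYPE: JCEKS
-KEYSTORE_PASS: keystore <% } %>
+KEYSTORE_PASS: keystore
+CERT_ALIAS: ssl.repo <% } %>
 mem_limit: <%=ram/2%>m
 depends_on: <% if (db == 'postgres') { %>
 - postgres <% } %> <% if (db == 'mariadb') { %>
@@ -88,7 +89,7 @@ services:
 -Dmail.password=
 -Dmail.protocol=smtp
 -Dmail.smtps.starttls.enable=false
--Dmail.smtps.auth=false <% } else { %>
+-Dmail.smtps.auth=false <% } else { %>
 -Ddev.email.not.sent=true <% } if (ldap == "true") { %>
 -Dauthentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
 -Dldap.authentication.active=true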

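--- a/generators/app/templates/7.3/docker-compose.yml
+++ b/generators/app/templates/7.3/docker-compose.yml
@@ -12,7 +12,8 @@ services:
 TRUSTSTORE_TYPE: JCEKS
 TRUSTSTORE_PASS: truststore
 KEYSTORE_TYPE: JCEKS
-KEYSTORE_PASS: keystore <% } %>
+KEYSTORE_PASS: keystore
+CERT_ALIAS: ssl.repo <% } %>
 mem_limit: <%=ram/2%>m
 depends_on: <% if (db == 'postgres') { %>
 - postgres <% } %> <% if (db == 'mariadb') { %>
@@ -90,7 +91,7 @@ services:
 -Dmail.password=
 -Dmail.protocol=smtp
 -Dmail.smtps.starttls.enable=false
--Dmail.smtps.auth=false <% } else { %>
+-Dmail.smtps.auth=false <% } else { %>
 -Ddev.email.not.sent=true <% } if (ldap == "true") { %>
 -Dauthentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
 -Dldap.authentication.active=true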

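--- a/generators/app/templates/7.4/docker-compose.yml
+++ b/generators/app/templates/7.4/docker-compose.yml
@@ -12,7 +12,8 @@ services:
 TRUSTSTORE_TYPE: JCEKS
 TRUSTSTORE_PASS: truststore
 KEYSTORE_TYPE: JCEKS
-KEYSTORE_PASS: keystore <% } %>
+KEYSTORE_PASS: keystore
+CERT_ALIAS: ssl.repo <% } %>
 mem_limit: <%=ram/2%>m
 depends_on: <% if (db == 'postgres') { %>
 - postgres <% } %> <% if (db == 'mariadb') { %>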

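--- a/generators/app/templates/images/alfresco/Dockerfile
+++ b/generators/app/templates/images/alfresco/Dockerfile
@@ -69,27 +69,36 @@ ARG TRUSTSTORE_TYPE
 ARG TRUSTSTORE_PASS
 ARG KEYSTORE_TYPE
 ARG KEYSTORE_PASS
+ARG CERT_ALIAS
 
 ENV TRUSTSTORE_TYPE=$TRUSTSTORE_TYPE \
 TRUSTSTORE_PASS=$TRUSTSTORE_PASS \
 KEYSTORE_TYPE=$KEYSTORE_TYPE \
-KEYSTORE_PASS=$KEYSTORE_PASS
+KEYSTORE_PASS=$KEYSTORE_PASS \
+CERT_ALIAS=$CERT_ALIAS
 
 # Enable SSL by adding the proper Connector to server.xml
 RUN if [ "$SOLR_COMMS" == "https" ] ; then \
 sed -i "s/\
 [[:space:]]\+<\/Engine>/\n\
 <\/Engine>\n\
-<Connector port=\"8443\" protocol=\"HTTP\/1.1\"\n\
-connectionTimeout=\"20000\"\n\
-SSLEnabled=\"true\" maxThreads=\"150\" scheme=\"https\" clientAuth=\"want\" sslProtocol=\"TLS\" sslEnabledProtocols=\"TLSv1.2\"\n\
-keystoreFile=\"\/usr\/local\/tomcat\/keystore\/ssl.keystore\"\n\
-keystorePass=\"${KEYSTORE_PASS}\" keystoreType=\"${KEYSTORE_TYPE}\" secure=\"true\"\n\
-truststoreFile=\"\/usr\/local\/tomcat\/keystore\/ssl.truststore\"\n\
-truststorePass=\"${TRUSTSTORE_PASS}\" truststoreType=\"${TRUSTSTORE_TYPE}\">\n\
+<Connector port=\"8443\" protocol=\"org.apache.coyote.http11.Http11NioProtocol\"\n\
+connectionTimeout=\"20000\" maxThreads=\"150\"\n\
+SSLEnabled=\"true\" scheme=\"https\" secure=\"true\"\n\
+defaultSSLHostConfigName=\"localhost\">\n\
+<SSLHostConfig hostName=\"localhost\" protocols=\"TLSv1.2\"\n\
+certificateVerification=\"required\"\n\
+truststoreFile=\"\/usr\/local\/tomcat\/keystore\/ssl.truststore\"\n\
+truststorePassword=\"${TRUSTSTORE_PASS}\" truststoreType=\"${TRUSTSTORE_TYPE}\">\n\
+<Certificate certificateKeystoreFile=\"\/usr\/local\/tomcat\/keystore\/ssl.keystore\"\n\
+certificateKeyAlias=\"${CERT_ALIAS}\" type=\"RSA\"\n\
+certificateKeystorePassword=\"${KEYSTORE_PASS}\" certificateKeystoreType=\"${KEYSTORE_TYPE}\"\/>\n\
+<\/SSLHostConfig>\n\
 <\/Connector>/g" ${TOMCAT_DIR}/conf/server.xml; \
 fi
 
+
+
 <% if (ftp == 'true') { %>
 EXPOSE 2121 2433 2434
 <% } %>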
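Review bot: The new `<SSLHostConfig>` and `<Certificate>` lines splice `${TRUSTSTORE_PASS}`, `${KEYSTORE_PASS}` and `${CERT_ALIAS}` unescaped into a double-quoted sed replacement, so a value containing `/`, `&`, `\` or `"` either breaks the `s/…/…/g` expression or produces a malformed server.xml. The compose templates in this commit pass the fixed values `keystore`, `truststore` and `ssl.repo`, which are safe, but nothing here guards against an override. Because the substitution runs in a RUN step and the same values are exported through ENV, both passwords are also stored in the image's layers and configuration, readable by anyone who can pull the image. A comment above the RUN, `# Build args are written verbatim into server.xml and kept in the image: use only [A-Za-z0-9._-] and never a production secret`, would make both constraints visible.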

package-lock.json

Lines changed: 1 addition & 1 deletion

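--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "generator-alfresco-docker-installer",
-"version": "0.8.2",
+"version": "0.8.3",
 "description": "Alfresco Docker Installer",
 "homepage": "https://github.com/Alfresco/alfresco-docker-installer",
 "author": "Angel Borroy <angel.fernandoborroy@hyland.com>",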
