Alfresco behind Load Balancer with SSL offload

cancel
Showing results for 
Search instead for 
Did you mean: 
fosterm
Member II

Alfresco behind Load Balancer with SSL offload

We are moving our Alfresco installation from behind an Apache proxy using AJP to use a load-balancer that is doing SSL offloading and forwarding requests directly to the backend by modifying the proxy settings in tomcat/conf/server.xml. However, the Configuring SSL for a production environment  documentation says to protect the following endpoints:

/share/*/proxy/alfresco/api/solr/*
/share/-default-/proxy/alfresco/api/*

What examples of URLs are there with "/share/*/proxy"? How can I determine what the application is using for "*" in this scnenario? There isn't anything in the solr documentation about this and the only page that references these is this SSL configuration page.

We tried blocking "/share/proxy/alfresco/api" thinking that was what a pattern, but blocking that URL breaks the application as the dashboard or other items don't load. I don't know that is possible at the moment to create rules on our LB to redirect a URL with multiple wildcards. Is there a more comphresensive list of actual URLs used by the server with "share/*/proxy" based on our configuration or is there a way to redirect these in tomcat or ?