Histórico da Página
| HTML |
|---|
<div id="main-content" class="wiki-content group"> <h1 id="ConfigurarHTTPS-Índice">Contents</h1> <p> <style type='text/css'>/*<![CDATA[*/ div.rbtoc1412695400359 { padding: 0px; } div.rbtoc1412695400359 ul { list-style: none; margin-left: 0px; } div.rbtoc1412695400359 li { margin-left: 0px; padding-left: 0px; } /*]]>*/ </style> <div class='toc-macro rbtoc1412695400359'> <ul class='toc-indentation'> <li><span class='TOCOutline'>1</span> <a href='#ConfigurarHTTPS-Objetivo'>Objective</a></li> <li><span class='TOCOutline'>2</span> <a href='#ConfigurarHTTPS-Obterumcertificadoválido'>Obtain a valid certificate</a></li> <li><span class='TOCOutline'>3</span> <a href='#ConfigurarHTTPS-ProcedimentosdeConfiguraçãodeSSL'>SSL Configuration Procedures</a></li> <li><span class='TOCOutline'>4</span> <a href='#ConfigurarHTTPS-Configurarchatenotificações'>Configure chat and notifications</a></li> </ul> </div> </p> <p> </p> <h1 id="ConfigurarHTTPS-Objetivo">Objective</h1> <p>The objective of this guide is to show the necessary steps to use TOTVS Fluig Platform over the HTTPS protocol.</p> <p> </p> <h1 id="ConfigurarHTTPS-Obterumcertificadoválido">Obtain a valid certificate</h1> <p>The prerequisite for using SSL is having a valid digital certificate for your domain (for example: *.suaempresa.com.br). If your company does not have any digital certificate, it must be purchased from a certifying authority. It is not recommended to use self-signed certificates, since some browsers do not support this type of certificate and may cause unexpected behavior when using TOTVS Fluig Platform.</p> <p> </p> <div class="aui-message hint shadowed information-macro"> <span class="aui-icon icon-hint">Icon</span> <div class="message-content"> <p> The formats currently supported are <strong>PCKS12</strong>. </p> </div> </div> <p> <span style="font-size: 10.0pt; line-height: 13.0pt;"><br /></span> </p> <p> <span style="font-size: 10.0pt; line-height: 13.0pt;">Ask your certifying unit which steps are necessary to generate the <strong>CSR</strong> (<em>Certificate Signing Request</em>). Inform the certificate formats supported so that the certifying unit can provide the file in the correct format. </span> </p> <p>With the certificate copied to the server where TOTVS Fluig Platform is installed, follow the steps below.</p> <h1 id="ConfigurarHTTPS-ProcedimentosdeConfiguraçãodeSSL">SSL Configuration Procedures</h1> <ul> <li>Stop the JBoss service at Fluig.</li> <li><span style="font-size: 10.0pt; line-height: 13.0pt;">Change the </span><em style="font-size: 10.0pt; line-height: 13.0pt;">web subsystem</em><span style="font-size: 10.0pt; line-height: 13.0pt;"> tab in the standalone.xml file</span></li> <li><p> Change the <em>socket-binding</em> tag in the <em>http connector</em> and add the <em>https connector</em>. Configure the <em><ssl></em> tag with the right paths to the certificate.<br /> <br /> </p> <div class="code panel pdl" style="border-width: 1px;"> <div class="codeContent panelContent pdl"> <pre class="theme: Confluence; brush: html/xml; gutter: false" style="font-size: 12px;"><subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false"> <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="localhost"/> <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true"> <ssl name="${ssl_name}" password="${senha_certificado_ssl}" certificate-key-file="${diretório_certificado}.p12" protocol="ALL" ca-certificate-file="${diretório_certificado}.p12" keystore-type="PKCS12" truststore-type="PKCS12" session-timeout="1800"/> </connector> <virtual-server name="default-host" enable-welcome-root="false"> <sso cache-container="web" cache-name="sso" reauthenticate="false"/> </virtual-server> </subsystem></pre> </div> </div></li> </ul> <p> </p> <div class="aui-message hint shadowed information-macro"> <p class="title">Note</p> <span class="aui-icon icon-hint">Icon</span> <div class="message-content"> <p> The following changes are required for the correct indexing of content on Fluig.</p> </div> </div> <p> </p> <ul> <li><p> Change the property <em>totvs/solrURL </em>as follows: </p> <div class="code panel pdl" style="border-width: 1px;"> <div class="codeContent panelContent pdl"> <pre class="theme: Confluence; brush: html/xml; gutter: false" style="font-size: 12px;"><property name="totvs/solrURL" value="http://127.0.0.1:8080/indexer"/></pre> </div> </div></li> <li><p> On the <em>interface</em> tag, add a new <em>interface.</em> </p> <div class="code panel pdl" style="border-width: 1px;"> <div class="codeContent panelContent pdl"> <pre class="theme: Confluence; brush: html/xml; gutter: false" style="font-size: 12px;"><interface name="localhost"> <inet-address value="127.0.0.1"/> </interface> </pre> </div> </div></li> <li><p> On the <em>socket-binding-group</em> tag, add a new <em>socket-binding-group.</em> </p> <div class="code panel pdl" style="border-width: 1px;"> <div class="codeContent panelContent pdl"> <pre class="theme: Confluence; brush: html/xml; gutter: false" style="font-size: 12px;"><socket-binding name="localhost" interface="localhost" port="8080" fixed-port="true"/> </pre> </div> </div></li> <li>Then, when restarting the JBoss service on Fluig, the access will be via HTTPS, on port 8443.</li> </ul> <p> </p> <h1 id="ConfigurarHTTPS-Configurarchatenotificações">Configure chat and notifications</h1> <p>When configuring TOTVS Fluig Platform to work with HTTPS, the same should be done with the service responsible for the Chat and notifications (delivery of data from server to customers).</p> <p> </p> <p> For such, the<em> ${FLUIG_HOME}/node/bin/package.json</em> file must be edited, adding the following information: </p> <div class="code panel pdl" style="border-width: 1px;"> <div class="codeContent panelContent pdl"> <pre class="theme: Confluence; brush: javascript; gutter: false" style="font-size: 12px;">"ssl" : { "usessl": true, "port": 8443, "key": "/root/ssl/server.key", "cert": "/root/ssl/server.crt", "ca": "/root/ssl/server.crt" }</pre> </div> </div> <p> <span><br /></span> </p> <p> <span>The attributes must be changed as follows:</span> </p> <div class="table-wrap"> <table class="confluenceTable"> <tbody> <tr> <td class="highlight confluenceTd"><p align="center"> <span style="color: rgb(0, 51, 102);">Attribute</span> </p></td> <td class="highlight confluenceTd"><p align="center"> <span style="color: rgb(0, 51, 102);">Description</span> </p></td> </tr> <tr> <td class="confluenceTd"><p> <strong>usessl</strong> </p></td> <td class="confluenceTd"><p> Inform as <strong>true</strong> to characterize the use of HTTPS configuration </p></td> </tr> <tr> <td class="confluenceTd"><p> <strong>port</strong> </p></td> <td class="confluenceTd"><p>Inform the port configured to receive HTTPS requests</p></td> </tr> <tr> <td class="confluenceTd"><p> <strong>key</strong> </p></td> <td class="confluenceTd"><p>Inform the key file path</p></td> </tr> <tr> <td colspan="1" class="confluenceTd"><strong>cert</strong></td> <td colspan="1" class="confluenceTd">Inform the certificate file path</td> </tr> <tr> <td colspan="1" class="confluenceTd"><strong>ca</strong></td> <td colspan="1" class="confluenceTd">Inform the certificate file path</td> </tr> </tbody> </table> </div> <div class="aui-message hint shadowed information-macro"> <p class="title">Note</p> <span class="aui-icon icon-hint">Icon</span> <div class="message-content"> <p>After the change, the Node.js service must be restarted.</p> </div> </div> <div class="aui-message warning shadowed information-macro"> <p class="title">Note</p> <span class="aui-icon icon-warning">Icon</span> <div class="message-content"> <p> If the server has a <strong>proxy</strong>, it is necessary to release the chat ports to <em>SSL</em> on the <em>proxy.</em> </p> </div> </div> <p> <span><br /></span> </p> <p> </p> <p> </p> </div> |
Visão Geral
Import HTML Content
Conteúdo das Ferramentas
Tarefas