iceScrum | Installation with SSL proxy – iceScrum

iceScrum Forums Discutez d'iceScrum

4 sujets de 1 à 4 (sur un total de 4)

  • Auteur
    Messages
  • #105207

    nykopol
    Participant

    Hello,

    I’ve installed icescrum version 7.0.06 Pro with docker.
    For security i’ve placed a SSL proxy (apache 2.4).

    My apache configuration is the following :

    <VirtualHost *:443>
    ServerName my-fqdn.com
    ServerAdmin webmaster@localhost

    SSLEngine on
    SSLCertificateFile /…/fullchain.pem
    SSLCertificateKeyFile /…/privkey.pem
    SSLCertificateChainFile /…/fullchain.pem

    ProxyRequests Off
    ProxyPreserveHost On
    ProxyStatus On

    Header edit Location ^http://my-fqdn.com/ https://my-fqdn.com/
    Header edit Location ^ws://my-fqdn.com/ wss://my-fqdn.com/

    ProxyPass « / » « http://localhost:8080/ »
    ProxyPassReverse « / » « http://localhost:8080/ »
    </VirtualHost>

    The problem is that the first page load correctly with HTTPS but the websocket that is started just after try to open ws://my-fqdn.com/stream/app?X-Atmosphere-tr...

    What can i do to force the websocket to start as wss ?

    #105345

    Vincent Barrier
    Maître des clés

    Hello,

    You should also enable https scheme on the tomcat side (in the server.xml file). It will help iceScrum to know that it is in a secured context 🙂

    #105590

    nykopol
    Participant

    Thank for your help Vincent.
    And sorry if it’s a stupid question, but where do i find this server.xml file ?

    I’ve installed icescrum with the official docker image.
    My config.groovy file is the following :

    config.groovy
    dataSource.driverClassName="org.postgresql.Driver"
    dataSource.password="****"
    dataSource.url="jdbc:postgresql://db:5432/icescrum"
    dataSource.username="icescrum"
    grails.mail.host="***
    grails.mail.password=""
    grails.mail.port="25"
    grails.mail.props="mail.smtp.auth=false"
    grails.mail.username=""
    icescrum.alerts.default.from="icescrum@my-fqdn.com"
    icescrum.alerts.enable=true
    icescrum.alerts.subject_prefix="[icescrum]"
    icescrum.baseDir="/root/icescrum"
    icescrum.debug.enable=false
    icescrum.gravatar.enable=true
    icescrum.invitation.enable=true
    icescrum.log.dir="/root/logs/"
    icescrum.login.retrieve.enable=true
    icescrum.project.creation.enable=true
    icescrum.project.export.enable=true
    icescrum.project.import.enable=true
    icescrum.project.private.default=true
    icescrum.project.private.enable=true
    icescrum.registration.enable=true
    icescrum.reportUsage.enable=true
    icescrum.serverURL="https://my-fqdn.com/"
    scheme="https"
    
    #105614

    Nicolas Noullet
    Maître des clés

    This is not a stupid question at all, it’s our bad. Sorry we missed the Docker part in your previous post, as stated in the iceScrum Docker documentation:

    There is no https support for the moment for this Docker image.

    If you really need to use iceScrum with HTTPS now, the best way to go is to install Tomcat manually on a server, then put scheme= »https » in the connector part of the Tomcat server.xml file.

    The documentation explaining how to install iceScrum with Tomcat is not fully up to date with iceScrum v7 but you can use it as a reference: https://www.icescrum.com/documentation/application-server/.

4 sujets de 1 à 4 (sur un total de 4)

Le forum ‘Installation’ est fermé à de nouveaux sujets et réponses.