0
Answered

how to make mycollab runs on https

sam 5 years ago updated 5 years ago 7

Hi everybody. I need that Mycollab runs on HTTPS but i cannot find any configuration for that!
Please help me.

Answered

You can setup nginx as the reverse proxy in front of MyCollab, and setup HTTPS with nginx.

Thank you for your answer. Is it possible to set HTTPS with Mycollab default server (Jetty server) or Apache Tomcat ?

Yes, you can. MyCollab is a spring boot application, and you simply config the Spring boot HTTPS like this article https://www.tutorialspoint.com/spring_boot/spring_boot_enabling_https.htm. The config file is located at %MYCOLLAB_HOME%/config

Thank you for your answer. We use Mycollab 5.4.10 and as i know in this version, spring is used not spring boot!

You are right! We start using Spring boot on version 6.0. With this version, you only have the option to use reverse proxy as above. I prefer to use the reverse proxy because it is lightweight and easy to install

Thank you very much.


1-The first step is to generate a keystore using keytool. -validity 3650 means the certificate is valid for 3650 days.

keytool -keystore mykey.jks -alias mykey -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -genkey -validity 3650


2- in JettyServerBasedRunner.java in method execute apply below changes:

2.1-comment below lines

//ServerConnector serverConnector = new ServerConnector(server);
//serverConnector.setIdleTimeout(360000);
//serverConnector.setPort(port);
// Set the connectors
//server.addConnector(serverConnector);

2.2-add below lines and set path of mykey.jks and your key store password in code

HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(8443);

HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());

SslContextFactory sslContextFactory = new SslContextFactory("path of mykey.jks");
sslContextFactory.setKeyStorePassword("your key store password");

ServerConnector httpsConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https_config));
httpsConnector.setPort(8443);
httpsConnector.setIdleTimeout(50000);

server.setConnectors(new Connector[]{ httpsConnector });

3- in mycollab.properties apply below changes: Change http to https

cdn.url=https://%s:%d/assets/
app.url=https://%s:%d/
resource.downloadUrl=https://%s:%d/file/

4-maven -> clean,install

5-run

references:

https://newfivefour.com/jetty-9-ssl-https.html

https://medium.com/vividcode/enable-https-support-with-self-signed-certificate-for-embedded-jetty-9-d3a86f83e9d9