Hi Katie, After our conversation on Stackoverflow[1], I recommended you to rather use the user ML. This is not the user ML but the dev ML, which is for changes done in OFBIz, not using OFBiz
Moreover, your message has been moderated, else it would not have reached this Mailing List. Please subscribe to the user ML for such questions and then use your email client. See why here http://ofbiz.apache.org/mailing-lists.html. You will get a better support, people can answer you on the ML. The wider the audience the better the answers you might get. Also it's more work for moderators who have to accept your messages as long as you have not subscribed. I'll personally no longer accept them (other moderators still could). [1] https://stackoverflow.com/questions/62464533/ofbiz-configuration-on-production-site Thanks This said, the idea with letsencrypt is to install a free certificate and get freed from using anything else. The only thing you have to do is to follow letsencrypt tutos HTH Jacques Le 25/06/2020 à 08:14, Katie Qiu a écrit :
Hi, I'm new to OFBiz, Please check the steps I have taken and pointed out what I miss because it's not working on production site 1. I was able to make it work on localhost. I'm also able to access data that came with the project (ex: https://localhost:8443/webtools/control/entitymaint) 2. I installed SSL Certificate in Microsoft IIS for the project on production site my Windows Server 2012 (I was able to access https://www.mywebsitedomain.com now) a. I use virtual private server from IONOS and it provides me a free SSL. I imported .PFX file provided from IONOS, then the domain can be accessed as https b. As you suggested, I looked into https://letsencrypt.org/, but I didn't see any .PFX file neither other certificate files that IONOS provided me (on the OFBiz Product Setup page, it shows .cer files (which I also got from IONOS) is used to enter Keystore. Maybe I missed something. For now, I use SSL from IONOS, but if you think I should use Let's encrypt, then please let me know if have to have the .PFX and cer files 3. I installed Apache 24 on Windows server as well. I was able to access localhost and see the index page showing "it works" 4. I have edited "keystoreFile" and "KeyPass" in ofbiz-component at apache-ofbiz-17.12.03\framework\catalina <property name="keystoreFile" value="C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\apache-ofbiz-17.12.03\keystore.jks"/> <property name="keystoreType" value="JKS"/> <property name="keyAlias" value="ofbiz"/> <property name="keyPass" value="Mypassword"/> 5. I then tried to follow https://s.apache.org/vmemj and edit httpd.conf file and httpd-ssl.conf, but when trying to Start Apache 24, it gives me some error messages (I got no error before editing the two files). a. For httpd.conf: not recognizing some words like "RewriteEngine On" "Order".... b. For httpd-ssl.conf, for example, I get error "AH00526: Syntax error on line 177 of c:/Apache24/conf/extra/httpd-ssl.conf: SSLCertificate KeyFile: file 'c:/Apache24/conf/server.key' does not exit or is empty" - It's true, I don't have such file, but I'm not sure where I can get it. Thank you much for in advance
