come in the dspace slack and maybe I can help you On Tuesday, May 31, 2022 at 6:48:53 AM UTC-4 [email protected] wrote:
> I'm starting to think that it might not be possible to do this, but I'm > hoping someone will tell me how very wrong I am. > > I have a server that is in our institution's DC, which is behind an F5 > firewall and there is a wildcard Sectigo certificate installed. > > My dspace local.cfg has the following settings: > dspace.server.url = https://crdb.dut.ac.za/server > dspace.ui.url = https://crdb.dut.ac.za > > I requested a certificate and key from the administrator and have this in > /etc/apache2/sites-enabled/ssl.conf > > SSLCertificateFile /etc/certs/crdb.dut.ac.za/cert.pem > SSLCertificateKeyFile /etc/certs/crdb.dut.ac.za/privkey.pem > SSLCertificateChainFile /etc/certs/crdb.dut.ac.za/chain.pem > Include /etc/certs/options-ssl-apache.conf > > # Proxy all HTTPS requests to "/server" from Apache to Tomcat via AJP > connector > ProxyPass /server ajp://localhost:8009/server > ProxyPassReverse /server ajp://localhost:8009/server > > # Proxy all HTTPS requests from Apache to PM2 on port 4000 > ProxyPass / http://localhost:4000/ > ProxyPassReverse / http://localhost:4000/ > > config.prod.yml > ui: > ssl: false > host: localhost > port: 4000 > nameSpace: / > rest: > ssl: true > host: crdb.dut.ac.za > port: 443 > nameSpace: /server > > When I run yarn test:rest: > ...Testing connection to REST API at https://crdb.dut.ac.za/server/api... > > ERROR connecting to REST API > Error: unable to verify the first certificate > > As expected, if I run node ./dist/server/main.js, I get the dreaded 'No > _links section' error: > > GET / 500 1356.467 ms - 231171 > No _links section found at https://crdb.dut.ac.za/server/api > > Am I wasting my time with this, or has anybody managed to get this working > in a similar situation with a proxy firewall handing out a wildcard > certificate? > > Sean > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/dacddc9f-bf10-4753-a5b5-c1fba284a0d4n%40googlegroups.com.
