Hi Yang, You should have a look at https://letsencrypt.org/zh-cn/
HTH Jacques Le 28/08/2024 à 17:30, 雷咩咩 a écrit :
hi ofbiz users, I've successfully started ofbiz and reverse proxied by nginx, can visit by https://leiyang.icu/accounting/control/login. However, as I also have other websites using this domain(on some other locations), I'd like to configure ssl certificate for ofbiz on port 8443, and want to visit it by https://leiyang.icu:8443/accounting/control/login is it possible? I read the docs which says: ...omitted previous steps since my jks cert can be directly downloaded from my vendor, also has a password file containing the plain text password. 5. Import the Certificate into the keystore by running: "keytool -import -alias ssl -trustcacerts -file mysignedcert.cer -keystore [keystore name]" 6. Configure the framework\catalina\ofbiz-component.xml file to point to your new keystore and password: If using Tomcat (Catalina), which is the default, find the "catalina-container" -> "https-connector" -> "keystoreFile" and "keystorePass" properties and set them. I have configured framework\catalina\ofbiz-component.xml to be like this: <property name="https-connector" value="connector"> <property name="default" value="certificate"> <property name="certificateKeystoreFile" value="/home/ecs-user/certs/leiyang.icu.jks"/> <property name="certificateKeystorePassword" value="mypassword"/> but accessing 8443 url got insecure error. Could anyone tell me why, and how to investigate? My certificate is valid(otherwise my main site on 443 port cannot work). Must I run the keytool command? i see 8443 cert is still the apache one, seems my settings not work at all. My vendor provides following cert formats: Nginx pem/key, Tomcat pfx, Apache crt/key, IIS pfx, JKS jks, pem/key, root crt/cer Regards, Yang