Thanks Marcus, I've found another way to do it, more simple.
Thanks again. Alvaro ...... El sáb, 28-03-2020 a las 21:41 +0100, Marcus Schulz escribió: > Hello Alvaro, > > Yes, me. > > I configured SSL Apache straigt forward and then use the PLAIN > connector > of the tomcat. You cannot proxy with an SSL virtual host to another > SSL > connector as far as I know. > > > use that connector for tomcat: > > <Connector port="5080" protocol="HTTP/1.1" > connectionTimeout="20000" > redirectPort="5443" secure="true" scheme="https"/> > > Here is my apache vhost config: > <IfModule mod_ssl.c> > <VirtualHost *:443> > ServerAdmin [email protected] > ServerName meeting.mydomain.de > > DocumentRoot /var/www-meeting > TraceEnable Off > > ErrorDocument 404 /index.php > ErrorLog /var/log/apache2/meeting-error.log > > # Possible values include: debug, info, notice, warn, error, > crit, > # alert, emerg. > LogLevel warn > > CustomLog /var/log/apache2/meeting-access.log combined > Include /etc/letsencrypt/options-ssl-apache.conf > SSLCertificateFile /etc/letsencrypt/live/meeting.mydomain.de- > 0004/cert.pem > SSLCertificateKeyFile > /etc/letsencrypt/live/meeting.mydomain.de-0004/privkey.pem > SSLCertificateChainFile > /etc/letsencrypt/live/meeting.mydomain.de-0004/chain.pem > > ### OpenMeetings ### > ## Custom fragment > RewriteEngine On > RewriteCond %{REQUEST_URI} ^/$ > RewriteRule (.*) /openmeetings/ [R=301] > RewriteCond %{HTTP:Connection} Upgrade [NC] > RewriteCond %{HTTP:Upgrade} websocket [NC] > RewriteRule /(.*) ws://localhost:5080/$1 [P,L] > RedirectMatch ^/$ https://yourserver.de/openmeetings > ProxyPreserveHost On > > <Location /openmeetings> > Require all granted > ProxyPass http://localhost:5080/openmeetings > ProxyPassReverse http://localhost:5080/openmeetings > RewriteEngine On > RewriteRule ^/(.*) http://localhost:5080/$1 [P] > </Location> > <Location /open> > Require all granted > ProxyPass http://localhost:5080/open > ProxyPassReverse http://localhost:5080/open > </Location> > <Location /send> > Require all granted > ProxyPass http://localhost:5080/send > ProxyPassReverse http://localhost:5080/send > </Location> > <Location /idle> > Require all granted > ProxyPass http://localhost:5080/idle > ProxyPassReverse http://localhost:5080/idle > </Location> > <Location /close> > Require all granted > ProxyPass http://localhost:5080/close > ProxyPassReverse http://localhost:5080/close > </Location> > > </VirtualHost> > </IfModule> > > Hope that helps > > > > AJP13 could work also, but I did not test. > > Am 28.03.2020 um 18:04 schrieb Alvaro: > > Hello All, > > > > Some one have letsencrypt working rigt wit OpenMeetings-5 ? > > > > I have rights letsencrypt certificates, these are tested with > > apache web server ssl, at the same machine that OM, and the > > browsers say "Secure connection". > > > > I have so: > > > > <Connector port="5443" > > protocol="org.apache.coyote.http11.Http11AprProtocol" > > maxThreads="150" SSLEnabled="true" > > > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" > > /> > > <SSLHostConfig> > > <Certificate > > certificateKeyFile="/etc/letsencrypt/live/your_true_domain/privkey. > > pem" > > certificateFile="/etc/letsencrypt/live/your_true_domain/cert.pem" > > certificateChainFile="/etc/letsencrypt/live/your_true_domain/fullch > > ain.pem" > > type="RSA" /> > > </SSLHostConfig> > > </Connector> > > > > ...but with this configuration the browsers say "not secure > > connection". > > > > 'Ve try in different ways but don't get it. > > > > If somebody know the right way, please tell it. > > > > Thanks > > > > Alvaro > > > > > > > > > > ------------------- > > > > > > > >
