更新SSL证书后发生Alfresco共享登录错误
更新SSL证书后发生Alfresco共享登录错误
提问于 2021-06-24 15:34:58
我使用的是Ubuntu机器上的Alfresco独立社区版,它使用的是已配置的域。SSL证书将在一周内过期,所以我更新了新域crt和密钥后,在nginx.conf更新,而登录到共享得到下面的错误,但旧的域仍然是活动的,并能够登录共享,即使是新域证书和密钥配置。
Something's wrong with this page...
We may have hit an error or something might have been removed or deleted, so check that the URL is correct.
Alternatively you might not have permission to view the page (it could be on a private site) or there could have been an internal error. Try checking with your IT team.
If you're trying to get to your home page and it's no longer available you should change it by clicking your name on the toolbarNginx.conf(旧配置文件)
events {}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name old.domain.com;
return 301 https://$host$request_uri;
location / {
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 504 /50x.html;
location = /50x.html {
}
}
}
server{
listen 80;
listen 443 ssl;
server_name new.domain.com;
return 301 https://old.domain.com/share;
}
server {
listen 443 default ssl;
server_name old.domain.com;
access_log on;
ssl on;
ssl_certificate /etc/nginx/ssl/OLD.DOMAIN.COM.crt;
ssl_certificate_key /etc/nginx/ssl/old.domain.key;
location / {
client_max_body_size 4000M;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
sub_filter_types text/javascript;
sub_filter_once off;
sub_filter '<img src="http://www.alfresco.com/assets/images/logos/community-5.2-share.png' '<img src="test';
sub_filter '<a href="http://www.alfresco.com/services/support/communityterms/#support' '<a href="test';
}
}
}nginx配置(新)
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name new.domain.com;
return 301 https://$host$request_uri;
location / {
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 504 /50x.html;
location = /50x.html {
}
}
}
server {
listen 443 default ssl;
server_name new.domain.com;
access_log on;
ssl on;
ssl_certificate /etc/nginx/ssl/NEW.DOMAIN.COM.crt;
ssl_certificate_key /etc/nginx/ssl/new.domain.com.key;
location / {
client_max_body_size 4000M;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
}
}
}通过在web中类似的情况,有人建议更改参数,如端口号和代理传递,server.xml更改。可能是我错了,但我的问题是,在更新新的域名证书后,1年内安装工作正常,得到共享登录错误。
不要将旧证书存储或缓存为可通过旧域访问的共享,即使使用新证书更新nginx.conf也是如此。
任何想法或建议都将是很大的帮助,谢谢
Stack Overflow用户
回答已采纳
发布于 2021-06-25 14:06:00
你的错误发生在Alfresco本身,与证书无关。如果您检查了正确的日志(tomcat/logs/catalina.out),您应该会看到您的问题。
我的猜测是,您使用的主机名与配置的主机名不同,这将触发Alfresco共享中的CSRF令牌过滤器。
更改alfresco-global.properties中的share.host和alfresco.host,或者禁用或修改share-config-custom.xml中的CSRF令牌过滤器
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/68111418
复制相关文章
相似问题
腾讯云开发者
