You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@archiva.apache.org by Karl-Philipp Richter <kr...@posteo.de> on 2017/05/07 12:56:34 UTC

How to enforce SSL with trusted letsencrypt.org certificate in Apache Archiva standalone 2.2.1?

Hi,
I'd like to use/enforce SSL with a trusted letsencrypt.org certificate
for an Apache Archiva standalone 2.2.1 instance on Ubuntu 17.04.

I didn't find any information in the Archiva website/documentation. [The
setup for SSL usage on Jetty is
painful](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html),
so I want to make sure that it's necessary to go through it, that it's
compatible with Archiva 2.2.1 (and possibly others) (no patched versions
of Jetty in Archiva, etc.) and that there's no easier way. I came across
http://stackoverflow.com/questions/30871001/how-to-setup-apache-archiva-to-use-https-instead-of-http
and
http://stackoverflow.com/questions/33229543/how-to-configure-ssl-with-archiva
which both suggest to use a httpd proxy which I don't want.

Don't hesitate answering on SO questions (if you support the
format/closeness) since Q&A is much more constructive than mailing lists.

-Kalle

Re: How to enforce SSL with trusted letsencrypt.org certificate in Apache Archiva standalone 2.2.1?

Posted by Martin <ma...@apache.org>.

Hi,

you have to setup jetty for SSL, if you would like to use the standalone 
distribution. Or use a reverse proxy (apache httpd) in front of the server. 
Or a more lightweight SSL forwarder like stunnel. But currently, we have no 
out-of-the-box solution.
If you are more familiar with tomcat configuration, you may use the WAR file 
of archiva and deploy it on a tomcat server.

Greetings

Martin

Am Sonntag, 7. Mai 2017, 14:56:34 CEST schrieb Karl-Philipp Richter:
> Hi,
> I'd like to use/enforce SSL with a trusted letsencrypt.org certificate
> for an Apache Archiva standalone 2.2.1 instance on Ubuntu 17.04.
> 
> I didn't find any information in the Archiva website/documentation. [The
> setup for SSL usage on Jetty is
> painful](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.
> html), so I want to make sure that it's necessary to go through it, that
> it's compatible with Archiva 2.2.1 (and possibly others) (no patched
> versions of Jetty in Archiva, etc.) and that there's no easier way. I came
> across
> http://stackoverflow.com/questions/30871001/how-to-setup-apache-archiva-to-> use-https-instead-of-http and
> http://stackoverflow.com/questions/33229543/how-to-configure-ssl-with-archiv
> a which both suggest to use a httpd proxy which I don't want.
> 
> Don't hesitate answering on SO questions (if you support the
> format/closeness) since Q&A is much more constructive than mailing lists.
> 
> -Kalle