5

i am using apache web server on localhost:80 and Geoserver served from tomcat on localhost:8080

I recently installed SSL certificate on apache and it works fine except for that i get the message that says i have insecure content which i thought they were GeoServer layers. So now I'm trying to enable SSL for GeoServer and have Openlayers content like htis https://example.org:8080/geoserver but still not sure what's the best approach to do that.

Ilia Choly
  • 18,070
  • 14
  • 92
  • 160
Shadin
  • 1,867
  • 5
  • 26
  • 37
  • You will need to provide: a) details of how httpd is proxied to Tomcat; b) details of the connector configuration used in Tomcat; c) details of how you configured SSL; and d) details of what content is reported as not secure. – Mark Thomas May 19 '14 at 09:31
  • 1
    appears that the link to the duplicated gis.stackexchange link in the Q has been removed.- consider removing from the question. – Peter Scott Oct 06 '15 at 15:31

1 Answers1

0

My suggestion: Add a (reverse) proxy in Apache and configure your web application that is connects only to the Apache proxying the GeoServer. 

ProxyPass "/geoserver"  "http://localhost:8080/geoserver"
ProxyPassReverse "/geoserver"  "http://localhost:8080/geoserver"

This way you only need to allow HTTPS in the firewall and nobody from outside will have the chance to reach GeoServers web interface unless you enable port 8080 on the firewall. Also see https://gis.stackexchange.com/q/4323/109339 for further details.

Please note that you should set the https://docs.geoserver.org/stable/en/user/configuration/globalsettings.html#proxy-base-url of GeoServer with the public reachable URL via your Apache, e.g. https://your-apache.com/geoserver - otherwise the absolute URLs generated from GeoServer in e.g. GetCapabilities start with http://localhost:8080/geoserver (which is not reachable anymore).

If you had not already Apache in use, I would recommend nginx.

bkiselka
  • 56
  • 6