Uploaded image for project: 'Activiti'
  1. Activiti
  2. ACTIVITI-636

Activiti: Need documentation for setting up HTTP2/SSL using NGINX reverse proxy against Activiti Enterprise Suite sample configuration

    Details

    • Type: Task
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: Alfresco Activiti 1.5.2.1
    • Fix Version/s: None
    • Component/s: Kickstart/Studio
    • Labels:
    • Environment:
      Activiti 1.5.2, NGINX/Apache reverse proxy
    • ACT Numbers:

      00772960

    • Sprint:
      Docs Sprint 18

      Description

      Issue and Enhancement Request
      Partner were able to configure Activiti over HTTPS after configure Tomcat over SSL(http 1.1). However, they are still unable to figure out how to configure Activiti against NGINX/Apache reverse proxy for SSL using HTTP2 protocol. The partner is hoping there is documentation which would details the steps to configure Activiti Enterprise against NGINX reverse proxy for SSL using HTTP 2.0 protocol.

      I have refer the customer to read NGINX official documentation for the moment.

      Original partner feedbacks

      1. That’s unfortunate that there is not any official support or documentation for getting Activiti secured over HTTPS. I understand that I’m sort of on my own to get this working if we’re not able to get something working here but please add this to some sort of feature request list or issue. I would be concerned if the majority of deployments were unsecured given the common use cases of BPM software like Activiti (demo scenarios are commonly in the healthcare and financial industry).
      2. Shortly after posting this case, I was able to configure SSL with Tomcat. Nginx would be nice to use as it is simpler and would support future enhancements we wish to use like ApplicationDevelopmentFramework which needs nginx in place.

      Question: While reading your nginx.conf, you are using ssl http2, not ssl (http 1.1), is that on purpose?
      Answer: Using HTTP2 is intentional. I wish to give our customer a deployment that runs with a slightly more modern protocol.

        TestRail: Results

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  jsotiropoulos John Sotiropoulos [X] (Inactive)
                  Reporter:
                  sliaw Seng Liaw
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:

                    TestRail: Cases