Issue and Enhancement Request
Partner were able to configure Activiti over HTTPS after configure Tomcat over SSL(http 1.1). However, they are still unable to figure out how to configure Activiti against NGINX/Apache reverse proxy for SSL using HTTP2 protocol. The partner is hoping there is documentation which would details the steps to configure Activiti Enterprise against NGINX reverse proxy for SSL using HTTP 2.0 protocol.
I have refer the customer to read NGINX official documentation for the moment.
Original partner feedbacks
- That’s unfortunate that there is not any official support or documentation for getting Activiti secured over HTTPS. I understand that I’m sort of on my own to get this working if we’re not able to get something working here but please add this to some sort of feature request list or issue. I would be concerned if the majority of deployments were unsecured given the common use cases of BPM software like Activiti (demo scenarios are commonly in the healthcare and financial industry).
- Shortly after posting this case, I was able to configure SSL with Tomcat. Nginx would be nice to use as it is simpler and would support future enhancements we wish to use like ApplicationDevelopmentFramework which needs nginx in place.
Question: While reading your nginx.conf, you are using ssl http2, not ssl (http 1.1), is that on purpose?
Answer: Using HTTP2 is intentional. I wish to give our customer a deployment that runs with a slightly more modern protocol.