Configure remote AEM 6.5 over https | Community
Skip to main content
P
pradeepdubey82
Level 5
March 16, 2023
Solved

Configure remote AEM 6.5 over https

  • March 16, 2023
  • 1 reply
  • 1261 views

Hi All,

 

I am using AEM6.5 SP13 in Amazon AWS cloud.

Requirement is to configure author over https

Referred below link

https://experienceleague.adobe.com/docs/experience-manager-learn/foundation/security/use-the-ssl-wizard.html?lang=en#:~:text=Adobe%20Experience%20Manager's%20SSL%20setup,instance%20to%20run%20over%20HTTPS.&text=Open%20the%20SSL%20Configuration%20Wizard,Tools%20%3E%20Security%20%3E%20SSL%20Configuration.

 

It is talking about localhost of AEM. Our AEM instance is running on remote machine on AWS cloud.

Currently there is no dispatcher configured in front of author.

What are the steps to configure remote author over https. Appreciate any help.

 

Thanks,

Pradeep

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by martin_ecx_io

this is where use of the dispatcher and potentially loadbalancer makes sense, as you can then map a proper domain main to the server and expose it safely with relevant allow lists etc if you need to limit access to specific source IP ranges (eg your office locations).

1 reply

martin_ecx_io
Community Advisor and Adobe Champion
martin_ecx_ioCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
March 16, 2023

Configuration of HTTPS for the AEM Author is only possible by initially connecting over HTTP as out of the box AEM doesn't support HTTPS connections.

 

If it's a remote machine as in your case running in AWS Cloud, you could avoid exposing it publicly via HTTP by using an SSH tunnel from your local machine into the host running the AEM author.

This AWS doc gives some info on how to create an SSH tunnel: https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-ssh-tunnel.html#emr-ssh-tunnel-win

 

Using a browser plugin such as Foxy Proxy you can configure it to route traffic to specific IP addresses (eg the internal IP of your AEM Author host) via the SSH tunnel, meaning traffic leaving your machine is going over this secure SSH tunnel and not in the clear across the internet.

 

Configuring HTTPS on the AEM author though isn't a replacement for the dispatcher for accessing the Author as the dispatcher includes additional filtering functionality designed to block access to certain paths etc.

In most cases you would terminate the public HTTPS connection at the dispatcher, or potentially a load balancer within your AWS setup.  Use of HTTPS on the author and publish instances enables you to also have the connection between dispatcher and the AEM instances happening over HTTPS.

    P
    pradeepdubey82Author
    Level 5
    March 16, 2023

    Not only from my machine, anyone within my team or client team should be able to access over https only.

    So I am thinking this should be done at server level and not at AEM level. I would reach out to IT support team to assist on this.

     

    Thanks,

    Pradeep

      martin_ecx_io
      Community Advisor and Adobe Champion
      martin_ecx_ioCommunity Advisor and Adobe ChampionAccepted solution
      Community Advisor and Adobe Champion
      March 16, 2023

      this is where use of the dispatcher and potentially loadbalancer makes sense, as you can then map a proper domain main to the server and expose it safely with relevant allow lists etc if you need to limit access to specific source IP ranges (eg your office locations).

        Terms & ConditionsAccessibility statement

        Loading footer...