Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Enable secure cookies in AEM Cloud

danielkg
Level 1
Level 1

Hi,

 

What would be the right approach to enable secure cookies in AEM Cloud? I've been trying by adding org.apache.felix.http.cfg.json with the values below, but that doesn't seem to work. 

 

 

{
    "org.apache.felix.https.jetty.session.cookie.secure": "true",
    "org.apache.felix.proxy.load.balancer.connection.enable": "true"
}

 

 

The cookie I'm looking at specifically is the affinity cookie.

 

Thanks!

1 Accepted Solution
Asutosh_Jena_
Correct answer by
Community Advisor
Community Advisor

Hi @danielkg 

 

You can set header at the dispatcher v-host as well to set the cookie as secure.

 

Header edit Set-Cookie ^(.*)$ $1;Secure;SameSite=Strict

 

Thanks! 

View solution in original post

2 Replies
Asutosh_Jena_
Correct answer by
Community Advisor
Community Advisor

Hi @danielkg 

 

You can set header at the dispatcher v-host as well to set the cookie as secure.

 

Header edit Set-Cookie ^(.*)$ $1;Secure;SameSite=Strict

 

Thanks! 

View solution in original post

danielkg
Level 1
Level 1
Thanks for the help, I tried this approach and the Set Cookie header is not being overridden by that rule in my case. Is there a specific location in the vhost file where this should be placed? I'm adding it under <VirtualHost *:80><Directory />, and have also tried under <IfModule mod_headers.c> but it doesn't seem to work.