Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

How to configure AEM for SSL only?

Avatar

Level 3

Hi,

I have followed this tutorial: SSL By Default

and now I would like to disable the "http" Access.

Where do I Need to configure this? There is a Felix HTTP Service OSGi configuration, but I'm not very sure how the Granite SSL Connector Config relates to the Felix HTTP Service config.

I tried once to simply disable http, but then I couldn't Access AEM anymore, also not via https.

Do I Need to enable then "https" in the Felix HTTP Service config? And does this config then uses the keystore from the ssl-service user?

Thanks for clarity here.

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

Hello,

org.apache.felix.http (Apache Felix Jetty Based Http Service) seems to be deprecated [1]. The SSL settings are done through Granite SSL config com.adobe.granite.jetty.ssl.internal.GraniteSslConnectorFactory, which is why EM is not able to startup with https port.

For disabling http, you can route external traffic over https via Dispatcher or create a mapping under the etc/map to rewrite all the http requests to https.

[1] https://helpx.adobe.com/experience-manager/6-4/sites/developing/using/reference-materials/javadoc/de...

Regards,

Vishu

View solution in original post

4 Replies

Avatar

Administrator

Go to http://localhost:4502/system/console/configMgr

and Configure "Apache Felix Jetty Based Http" and remove check from Enable HTTP.

-kautuk



Kautuk Sahni

Avatar

Level 3

Hi @kautuksahni,

I have done this, but then the AEM instance is not available anymore, also not via the SSL configured port as I have already mentioned in my initial question.

I have checked this on a vanilla AEM instance.

Avatar

Correct answer by
Employee Advisor

Hello,

org.apache.felix.http (Apache Felix Jetty Based Http Service) seems to be deprecated [1]. The SSL settings are done through Granite SSL config com.adobe.granite.jetty.ssl.internal.GraniteSslConnectorFactory, which is why EM is not able to startup with https port.

For disabling http, you can route external traffic over https via Dispatcher or create a mapping under the etc/map to rewrite all the http requests to https.

[1] https://helpx.adobe.com/experience-manager/6-4/sites/developing/using/reference-materials/javadoc/de...

Regards,

Vishu

Avatar

Level 3

Hi @Vish_dhaliwal,
I am also facing the same issue. When tried to refer below blog, it says 404
https://helpx.adobe.com/experience-manager/6-4/sites/developing/using/reference-materials/javadoc/de...

Can you please share details?

Regards,

G Patil