Configuring for HTTPS (safe.com) This documentation should be helpful to you.
Configuring for HTTPS (safe.com) This documentation should be helpful to you.
Thank you for answering!
I read the documentation.
In my case ( which is a standard way to host EC2 with SSL in AWS), SSL certificate is not attached to the EC2 instance but to the load balancer (ALB) .
EC2 instance listens to 80 port.
ALB listens to 443 port and forwards requests to EC2's 80 port.
Do I still have to flow the steps in the document above?
Thank you for answering!
I read the documentation.
In my case ( which is a standard way to host EC2 with SSL in AWS), SSL certificate is not attached to the EC2 instance but to the load balancer (ALB) .
EC2 instance listens to 80 port.
ALB listens to 443 port and forwards requests to EC2's 80 port.
Do I still have to flow the steps in the document above?
Hi @takashige ,
It's up to you whether you want to encrypt FME Server or not. A lot of customers are happy having the ALB deal with the certificates and sending HTTP request to the server. If you want to configure FME Server for HTTPS then you will also have to change the ALB redirects to use HTTPS. Either way, though your Services will need updating to reflect the ALB URL. https://docs.safe.com/fme/html/FME_Server_Documentation/AdminGuide/Set-Up-Load-Balancer.htm
Thank you for answering!
I read the documentation.
In my case ( which is a standard way to host EC2 with SSL in AWS), SSL certificate is not attached to the EC2 instance but to the load balancer (ALB) .
EC2 instance listens to 80 port.
ALB listens to 443 port and forwards requests to EC2's 80 port.
Do I still have to flow the steps in the document above?
Hi, @richardatsafe
Thank you for answering.
I've already followed the steps in "Configure FME Server with the Load Balancer URL" of the URL you mentioned.
I thought I could set redirection url somewhere in fmeServerConfig.txt or Web UI.
But it seems I was wrong.
I'm sorry for my poor understanding of English (which is not my 1st language) but let me confirm again. 🙏
> you will also have to change the ALB redirects to use HTTPS
So one of the collect setting for my case is ...
- ALB listens to 443 port
- user access to https://mysite.com
- ALB forwards the request to EC2's port 80
- Redirection url is http://mysite.com/fmeserver/ (port 80)
- ALB redirects the request on 80 port to 443
Am I right?
I'll try a bit more setting ALB on 443 port and EC2 on 80.
If I have no luck, I'll set EC2 on 443 port with self-signed SSL certificate .
Thank you again.
I solved the problem.
After all, all I had to do was changing proxyPort to "443" and scheme to "https" in <FMEServerDir>\\Utilities\\tomcat\\conf\\serer.xml.
Thank you.
I solved the problem.
After all, all I had to do was changing proxyPort to "443" and scheme to "https" in <FMEServerDir>\\Utilities\\tomcat\\conf\\serer.xml.
Thank you.
Thanks for posting the answer. I see where you are going with this now. Typically we only see the need for the server.xml configuration if you are using Azure AD or it's a gateway vs a load balancer. I'll add to the documentation to make this recommendation across the board for all load balancers / reverse proxies.