AEM Cloud Service - Set Up the Local SDK Docker Dispatcher with HTTPS/SSL Using Self-Signed Certs


Set up the local SDK Dispatcher with HTTPS/SSL so the author/publish/dispatcher flow can be tested over HTTPS. Unlike live sites, where SSL terminates at the load balancer, here it terminates at the dispatcher.

1) Download SDK Dispatcher tools and extract aem-sdk-dispatcher-tools-x.x.x-windows.zip to a local drive

2) Copy dispatcher\bin\docker_run.cmd to dispatcher\bin\docker_run_https.cmd and change the docker run command so that Docker passes requests on to port 8443 in the container

                   docker run --rm -p %localport%:80 %volumes% %envvars% %imageurl%

                    to

                    docker run --rm -p %localport%:8443 %volumes% %envvars% %imageurl%

3) Generate self-signed public/private key certs using OpenSSL

                 set OPENSSL_CONF=C:/dev/install/OpenSSL-Win64/bin/openssl.cfg

                 openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out eaem.crt -keyout eaem.key



4) Place the generated eaem.crt and eaem.key files in the project's dispatcher conf.d folder, e.g. eaem-ssl-dsipatcher-sample\dispatcher\src\conf.d

5) In your project vhost file, e.g. eaem-ssl-dsipatcher-sample\dispatcher\src\conf.d\available_vhosts\eaem.vhost, add a virtual host configuration for SSL on port 8443 and provide the paths to the public cert and key files added above

LoadModule ssl_module modules/mod_ssl.so

Listen 8443
<VirtualHost *:8443>
SSLEngine on
# TLS 1.0 and 1.1 are deprecated (RFC 8996); TLS 1.2 is enough for local testing
SSLProtocol -all +TLSv1.2
SSLCertificateFile conf.d/eaem.crt
SSLCertificateKeyFile conf.d/eaem.key

ServerName "publish"
# Put names of which domains are used for your published site/content here
ServerAlias "*"
....
....
....
</VirtualHost>

6) Start Docker using the docker_run_https.cmd command. With the following command, Docker listens on the default HTTPS port 443 and forwards requests to the Apache container listening on port 8443 for HTTPS.

                  bin\docker_run_https C:/dev/projects/eaem-ssl-dsipatcher-sample/dispatcher/src host.docker.internal:4503 443

7) Access a sample page using HTTPS, e.g. https://localhost/content/eaem-ssl-dsipatcher-sample/us/en/home.html
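
To confirm the setup from steps 3 to 6 without a browser, the following script (an added example, not part of the original post) checks that eaem.key matches eaem.crt, that the certificate is still valid, and that the container serves that same certificate. The file name verify_https.cmd is hypothetical; the script assumes openssl.exe is on PATH and that host port 443 from step 6 is used unless another port is passed as the first argument.

```bat
@echo off
rem verify_https.cmd (added example, hypothetical file name)
rem Run from the folder that holds eaem.crt and eaem.key, after step 6.
rem Assumes openssl.exe is on PATH; optional first argument is the host port.
setlocal
set PORT=%1
if "%PORT%"=="" set PORT=443

rem 1) The key must match the certificate: compare hashes of both public keys.
set CRT_PUB=
set KEY_PUB=
for /f "delims=" %%h in ('openssl x509 -in eaem.crt -noout -pubkey ^| openssl sha256') do set CRT_PUB=%%h
for /f "delims=" %%h in ('openssl pkey -in eaem.key -pubout ^| openssl sha256') do set KEY_PUB=%%h
if "%CRT_PUB%"=="" (
    echo FAIL: could not read eaem.crt or openssl is not on PATH
    exit /b 1
)
if not "%CRT_PUB%"=="%KEY_PUB%" (
    echo FAIL: eaem.key is not the private key for eaem.crt
    exit /b 1
)

rem 2) The certificate must still be valid one day from now, 86400 seconds.
openssl x509 -in eaem.crt -noout -checkend 86400 >NUL
if errorlevel 1 (
    echo FAIL: eaem.crt has expired or expires within 24 hours
    exit /b 1
)

rem 3) The container must serve this certificate: compare SHA-256 fingerprints.
for /f "delims=" %%f in ('openssl x509 -in eaem.crt -noout -fingerprint -sha256') do set LOCAL_FP=%%f
set SERVED_FP=
for /f "delims=" %%f in ('echo Q ^| openssl s_client -connect localhost:%PORT% 2^>NUL ^| openssl x509 -noout -fingerprint -sha256 2^>NUL') do set SERVED_FP=%%f
if "%SERVED_FP%"=="" (
    echo FAIL: no TLS certificate received from localhost:%PORT%
    exit /b 1
)
if not "%LOCAL_FP%"=="%SERVED_FP%" (
    echo FAIL: localhost:%PORT% serves a different certificate
    exit /b 1
)

echo OK: key matches, certificate is current, and localhost:%PORT% serves eaem.crt
```

A fingerprint mismatch in the third check usually means the container was started from a different dispatcher\src folder than the one holding the new files.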



