troubleshooting Question

Problem with Liferay portal and SSL

Avatar of freymish
freymishFlag for United States of America asked on
Apache Web ServerWeb ServersSSL / HTTPS
4 Comments1 Solution4972 ViewsLast Modified:
We are trying to run a Liferay portal through a load balancer that provides SSL acceleration.  We installed the certificates on the LoadMaster and they work just fine.  The LoadMaster passes the GET request that comes in on port 443 to port 80 on the Tomcat server. What should happen, (please correct me if I am wrong on this) as the LoadMaster is set to re-write URLs to HTTPS, is that the Tomcat server responds to the GET request and answers on port 80.  The LoadMaster, as proxy, intercepts this and encrypts the response and at the same time changes any URLs in the reponse from HTTP to HTTPS.

The site loads fine and the initial redirect from the root to the /web/guest/home works as expected.  The login process, however, reverts us back to standard HTTP.  The "Sign In" button itself shows the link as HTTP://  Of the other links on the guest home page, some show up as SSL links like the "Sign In" under the "Welcome!" drop down but the "Home" link under the "Welcome!" drop down comes up as non-SSL.

So now we've logged in and gone back and changed the address of our page to SSL... Most things work fine when we navigate from section to section.  We do run into problems with entering information into actual portlets.  The navigation surrounding them is fine, but once you "enter" the portlet it reverts you back to http from SSL.

I can't imagine I am the first to see this but I have been unsuccessful in finding postings that reveal the fix for this.

Please help!

More details
Tomcat 6.0
Windows server 2003 with latest SP and patches
Kemp Technologies LoadMaster
Liferay Portal Standard Edition 5.1.2
Using CATALINA_BASE:   C:\liferay-portal-tomcat-6.0-5.1.2
Using CATALINA_HOME:   C:\liferay-portal-tomcat-6.0-5.1.2
Using CATALINA_TMPDIR: C:\liferay-portal-tomcat-6.0-5.1.2\temp
Using JRE_HOME:        C:\Program Files\Java\jdk1.6.0_11

Tomcat server.xml connector entry.. (the Kemp people suggested turning off keep alives)

    <Connector port="80" protocol="HTTP/1.1"
          redirectPort="443" URIEncoding="UTF-8" />
Tomcat starts up clean except for some duplicate listeners that are being ignored.    
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 4 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros