Difficulties getting SCM Manager to run using SSL and a different port

[Caleb M]

Hell, am trying to use SCM Manager to host a Mercurial repository, running off of a CentOS box, and the accessing machines are Windows 7 (if it matters). I have gotten the default setup to work, however I would now like to move it off of port 8080, and also to use SSL. I have followed the instructions here, however no luck. I believe I have done the actual keygen and certificate placement correctly, but I could be wrong. I believe I screwed up the conf/server-config.xml, as at the end of the output when I run the server it says 

INFO sonia.scm.repository.HgHookManager - use http://[IP]:8080/scm/hook/hg/ for mercurial hooks

IP redaction mine.

My serverconfig.xml is here, stdout here, and stderr here I'm not sure exactly what else I should include though.

I have tried uncommenting line 58 (<Set name="forwarded">true</Set>), and changing the  <SystemProperty name="jetty.port" default="8080" /> line, however, I have not been able to get it to work, and in fact changing the jetty.port results in port binds.

Let me know what else I should provide you with!

[Sebastian Sdorra]

Does you ssl port work? The message of the hook manager, means only that scm-manager uses port 8080 for internal hook processing.

Sebastian

--
You received this message because you are subscribed to the Google Groups "scmmanager" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scmmanager+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Caleb M]

I believe so. If I try to access the web interface, I can do so on 8080, but not on the desired port that is specified in the config.xml

[Caleb M]

So I've tried going through the instructions again, and I still can't seem to access the server. I have the SSL port set to 8181, however when I try to run 

hg id https://[IP]:8181/scm/hg/config

I get URLError: [Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host failed to respond

I've tried accessing from both the command line, and TortoiseHG, and neither works. In my browser if I navigate to [IP]:8080, I can view the web interface however. I'm really not sure what it is I need to do to make this work.

[Sebastian Sdorra]

Do you have a firewall on your server? Can you try to access the port directly from the server?

Sebastian

--

[prs_govindarajan prs_govindarajan]

i have deployed scm-manager on apache tomcat i am not able configure https. could anybody advise please to enable the scm over https port

[Adeptus Astartes]

Hi! You changing not ssl port. And use http://[IP]:8080/scm/hook/hg/ it's not ssl use. See in config ssl-part - here you can find what is you ssl port. As default - it's 443 port.

вторник, 21 июля 2015 г., 17:13:13 UTC+3 пользователь Caleb M написал:

[Ilsa Loving]

FYI, getting SSL working with *any* Java-based server is difficult, for a variety of reasons.  Besides the difficulty in configuring the SSL certificate, java currently doesn't have a mechanism for dealing with ports <1024, so you are forced to run the application as root.  I shouldn't have to explain why that is very bad.

It is far simpler to just install a proxy such as nginx, which does handle port 443, and configure it to redirect to localhost:8080.  The below config snippet works for us:

server {

    listen 443;

    server_name ourserver;

    location / {

        return 301 /scm;

    }

    location /scm {

        proxy_pass http://localhost:8080;

        proxy_set_header X-Real-IP         $remote_addr;

        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-Proto https;

        proxy_set_header Host $http_host;

client_max_body_size 2048m;

proxy_connect_timeout 600;

proxy_send_timeout 600;

send_timeout 600;

    }

}