Adding HTTPS in DSpace 7.5
522 views
Skip to first unread message
Alameer
Dec 25, 2023, 1:58:51 PM12/25/23
to DSpace Technical Support
Hi
I have installed DSpace 7.5 on Ubuntu 22.04, both the backend and the front end on the same VPS server. It worked for a few days with the URL mysubdomain.edu:4000, but then showed the message 500 Service Unavailable.
Now I'm trying to reconfigure the server to use the COMODO SSL TrustLogo I got for the server. I installed Nginx to add HTTPS to my server, and I changed the configuration like this:
#NGINX CONFIG
server {
listen 80;
server_name mysubdomain.edu;
rewrite ^ https://mysubdomain.edu permanent;
}
server {
listen 443 ssl;
server_name mysubdomain.edu;
ssl_certificate /etc/ssl/bundle.crt;
ssl_certificate_key /etc/ssl/mysubdomain.edu.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location /server {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:8080/server;
}
location / {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:4000;
}
location /solr {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:8983/solr/;
}
}
#BACKEND local.cfg
dspace.server.url = https://mysubdomain.edu/server
dspace.ui.url = https://mysubdomain.edu
solr.server = https://mysubdomain.edu:8983/solr
#FRONTEND config.prod.yml
ui:
ssl: false
host: localhost
port: 4000
nameSpace: /
rest:
ssl: true
host: mysubdomain.edu
port: 443
Namespace: /server
#TOMCAT
<Connector port="8080" protocol="HTTP/1.1"
minSpareThreads="25"
enableLookups="false"
connectionTimeout="20000"
disableUploadTimeout="true"
URIEncoding="UTF-8"/>
<Connector protocol="AJP/1.3" port="8009" redirectPort="8443" URIEncoding="UTF-8" />
#dspace-ui.json
{
"apps": [
{
"name": "dspace-ui",
"cwd": "/root/dspace-frontend/",
"script": "dist/server/main.js",
"instances": "max",
"exec_mode": "cluster",
"env": {
"NODE_ENV": "production",
"DSPACE_UI_SSL": "false",
"DSPACE_UI_HOST": "localhost",
"DSPACE_UI_PORT": "4000",
"DSPACE_UI_NAMESPACE": "/",
"DSPACE_REST_SSL": "true",
"DSPACE_REST_HOST": "mysubdomain.edu",
"DSPACE_REST_PORT": "443",
"DSPACE_REST_NAMESPACE": "/server"
}
}
]
}
yarn test:rest
yarn run v1.22.19
$ ts-node --project ./tsconfig.ts-node.json scripts/test-rest.ts
Building production app config
Overriding app config with /root/dspace-frontend/config/config.yml
Overriding app config with /root/dspace-frontend/config/config.prod.yml
...Testing connection to REST API at https://mysubdomain.edu/server/api...
RESPONSE: 404
ERROR: INVALID DSPACE REST API! Response is not valid JSON!
The Frontend still shows the same error 500 Service Unavailable at the URL https://mysubdomain.edu/ although the browser shows the connection is secure. Also, I can't access the Backend using the URL
https://mysubdomain.edu/server/api, it shows the message HTTP Status 404 – Not Found.
The firewall is active and allows traffic on ports 80, 4000, 443/TCP, Nginx HTTPS, and Nginx Full.
I don't know if I have something misconfigured or missing on my server or if I should edit it.
Please, if anyone has advice for me, I would appreciate the help.
Thanks,
Hajar
I have installed DSpace 7.5 on Ubuntu 22.04, both the backend and the front end on the same VPS server. It worked for a few days with the URL mysubdomain.edu:4000, but then showed the message 500 Service Unavailable.
Now I'm trying to reconfigure the server to use the COMODO SSL TrustLogo I got for the server. I installed Nginx to add HTTPS to my server, and I changed the configuration like this:
#NGINX CONFIG
server {
listen 80;
server_name mysubdomain.edu;
rewrite ^ https://mysubdomain.edu permanent;
}
server {
listen 443 ssl;
server_name mysubdomain.edu;
ssl_certificate /etc/ssl/bundle.crt;
ssl_certificate_key /etc/ssl/mysubdomain.edu.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location /server {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:8080/server;
}
location / {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:4000;
}
location /solr {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:8983/solr/;
}
}
#BACKEND local.cfg
dspace.server.url = https://mysubdomain.edu/server
dspace.ui.url = https://mysubdomain.edu
solr.server = https://mysubdomain.edu:8983/solr
#FRONTEND config.prod.yml
ui:
ssl: false
host: localhost
port: 4000
nameSpace: /
rest:
ssl: true
host: mysubdomain.edu
port: 443
Namespace: /server
#TOMCAT
<Connector port="8080" protocol="HTTP/1.1"
minSpareThreads="25"
enableLookups="false"
connectionTimeout="20000"
disableUploadTimeout="true"
URIEncoding="UTF-8"/>
<Connector protocol="AJP/1.3" port="8009" redirectPort="8443" URIEncoding="UTF-8" />
#dspace-ui.json
{
"apps": [
{
"name": "dspace-ui",
"cwd": "/root/dspace-frontend/",
"script": "dist/server/main.js",
"instances": "max",
"exec_mode": "cluster",
"env": {
"NODE_ENV": "production",
"DSPACE_UI_SSL": "false",
"DSPACE_UI_HOST": "localhost",
"DSPACE_UI_PORT": "4000",
"DSPACE_UI_NAMESPACE": "/",
"DSPACE_REST_SSL": "true",
"DSPACE_REST_HOST": "mysubdomain.edu",
"DSPACE_REST_PORT": "443",
"DSPACE_REST_NAMESPACE": "/server"
}
}
]
}
yarn test:rest
yarn run v1.22.19
$ ts-node --project ./tsconfig.ts-node.json scripts/test-rest.ts
Building production app config
Overriding app config with /root/dspace-frontend/config/config.yml
Overriding app config with /root/dspace-frontend/config/config.prod.yml
...Testing connection to REST API at https://mysubdomain.edu/server/api...
RESPONSE: 404
ERROR: INVALID DSPACE REST API! Response is not valid JSON!
The Frontend still shows the same error 500 Service Unavailable at the URL https://mysubdomain.edu/ although the browser shows the connection is secure. Also, I can't access the Backend using the URL
https://mysubdomain.edu/server/api, it shows the message HTTP Status 404 – Not Found.
The firewall is active and allows traffic on ports 80, 4000, 443/TCP, Nginx HTTPS, and Nginx Full.
I don't know if I have something misconfigured or missing on my server or if I should edit it.
Please, if anyone has advice for me, I would appreciate the help.
Thanks,
Hajar
DSpace Technical Support
Jan 16, 2024, 11:58:45 AM1/16/24
to DSpace Technical Support
Hi Hajar,
If you are still having these issues, I'd recommend first figuring out why your backend is not accessible at the URL you defined. Perhaps check the DSpace or Tomcat logs for errors.
Whenever the backend is inaccessible, the frontend may throw errors. So, it's possible the frontend is only throwing errors because it cannot communicate with the backend. A 500 error usually is a sign that the backend isn't working. See our common installation issues for more details: https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-CommonInstallationIssues
If you are still having these issues, I'd recommend first figuring out why your backend is not accessible at the URL you defined. Perhaps check the DSpace or Tomcat logs for errors.
Whenever the backend is inaccessible, the frontend may throw errors. So, it's possible the frontend is only throwing errors because it cannot communicate with the backend. A 500 error usually is a sign that the backend isn't working. See our common installation issues for more details: https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-CommonInstallationIssues
Tim
Reply all
Reply to author
Forward
0 new messages