How Do I enable the 443 port in dataverse 6.5

[Mansoor Koormath]

Dear Team,

      I have hosted the dataverse 6.5 in RHEL9 on AWS. I have edited the fqdn and replaced the 8080 port with the 443 in domain.xml. However, the 443 port is not working for me. I am using Payara6 and Glassfish as an application server. Could someone help me to resolve this issue?

Regards

Mansoor Koormath

[Don Sizemore]

Hello,

You'll probably want to use a proxy for SSL termination, such as nginx or Apache: https://guides.dataverse.org/en/latest/installation/config.html#network-ports

For Apache without Shibboleth, you could reference Dataverse-Ansible's basic proxy config: https://github.com/gdcc/dataverse-ansible/blob/develop/templates/http.proxy.conf.j2

I hope this helps?

Don

--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/4736600e-4cb3-418a-8ac3-6184d1512957n%40googlegroups.com.

[Mansoor Koormath]

Dear Don Sizemore,

Thank you for your response. Let me try this configuration.

Regards

Mansoor Koormath

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/CAPfMOaxtVRgLj2kp8p-WxWOkTTrieP_zbGymKHZSnCfszZ33BQ%40mail.gmail.com.

[Mansoor Koormath]

  Dear Don Sizemore,

        We have added the 443 port in the domain XML, which works now. However, we are getting an error on the domain stating that "Not Secure". Could you please let me know how we can resolve this issue? Additionally, I got a suggestion from ChatGPT to resolve this issue. Please check the attached document and let me know whether these steps will work there or not, and also request you to suggest if any necessary changes are required to the steps mentioned in the document. Thank you in advance for your help.

Regards

Mansoor Koormath

[Kirill Batyuk]

You would get Domain Not Secure if you do not have an SSL certificate installed.

The best way to do it is via Apache with a reverse proxy. Make sure to get an SSL certificate before you continue. You will need it for dataverse-httpd.conf file

Don’t forget to add HSTS (HTTP Strict Transport Security) for better security.

Keep the port Payara serves at 8080.

Create two files in /etc/httpd/conf.d

dataverse-httpd.conf and dataverse.conf

dataverse-httpd.conf will forward port 8080 to 443, assign an SSL certificate and enforce HSTS

dataverse.conf will ensure that port 80 is always forwarded to port 443

See the attached files for the sample config. Replace parts as needed with your parameters, for example, dataverse.server.com should be replaced with your domain. ad...@server.com should be replaced with a proper email, and the SSL certificate and key location should be the location of your certificate and key.

Make sure that Apache is set to start on restart. (sudo systemctl enable httpd)

Once the config files are created, restart Apache (sudo apachectl restart), and you should be good to go.

 

 

Kirill Batyuk

Systems Librarian

MBLWHOI Library

Data Library and Archives

Woods Hole Oceanographic Institution

508-289-2850

kba...@whoi.edu

mblwhoilibrary.org -- whoi.edu

 

 

 

 

 

From: dataverse...@googlegroups.com <dataverse...@googlegroups.com> On Behalf Of Mansoor Koormath
Sent: Wednesday, June 18, 2025 8:49 AM
To: dataverse...@googlegroups.com
Subject: [EXTERNAL] Re: [Dataverse-Users] How Do I enable the 443 port in dataverse 6.5

 

You don't often get email from koormat...@gmail.com. Learn why this is important

This email originated outside of WHOI. Please use caution if clicking on links or opening attachments.

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/CAC8Un-3pcw0YLN68n45t3_k0O1-Uvr6FXXBgyphpH3xRKYn7vw%40mail.gmail.com.

[Mansoor Koormath]

Dear Kirill Batyuk,

Thank you so much for your quick response. Let me try the steps you provided. The IT department has already installed the SSL certificate. However, it has not identified the system. Do we need to change the FQDN name and port in the domain.xml? OR do we need to keep the IP or name in the JVM option and keep the 8080 port?

Regards

Mansoor Koormath

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/SJ2PR16MB5796069D19175849A7CBB331C272A%40SJ2PR16MB5796.namprd16.prod.outlook.com.

[Kirill Batyuk]

If you are using Apache, do not change domain.xml. Keep it as it is. Apache will forward your port to 443 based on the configuration.

In configuration, you must assign the directory of ssl certificate and key. Everything must stay the same as when you first installed it. Apache will proxy it.

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/CAC8Un-3Rgd-EpwrDL3joG9eU0jJT4nQxLNawr%3D3AFRXMDhqoiw%40mail.gmail.com.

[Mansoor Koormath]

Dear Kirill Batyuk,

Thank you for your response.

Regards

Mansoor Koormath

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/SJ2PR16MB5796519F3C85062176CABD4AC272A%40SJ2PR16MB5796.namprd16.prod.outlook.com.

[Mansoor Koormath]

Dear Kirill Batyuk,

   I have tried this method. The httpd services are running. However, the dataverse instance is not loading after starting the httpd. Then I have tried to start the domain as an admin. However, the dataverse instance is not coming up. The dataverse instance is loading once I stop the httpd service. If you don't mind, let me know what the reason for this issue could be. Thank you.

Regards

Mansoor Koormath

[Kirill Batyuk]

My guess is it is not starting because you have not removed port 443 from domain.xml. Since port 443 is used by Apache, Dataverse would fail to start because the port is in use. As I said before, domain.xml should be unmodified.

 

 

Kirill Batyuk

Systems Librarian

MBLWHOI Library

Data Library and Archives

Woods Hole Oceanographic Institution

508-289-2850

kba...@whoi.edu

mblwhoilibrary.org -- whoi.edu

 

 

 

From: dataverse...@googlegroups.com <dataverse...@googlegroups.com> On Behalf Of Mansoor Koormath
Sent: Saturday, June 21, 2025 8:18 AM
To: dataverse...@googlegroups.com
Subject: Re: [EXTERNAL] Re: [Dataverse-Users] How Do I enable the 443 port in dataverse 6.5

 

You don't often get email from koormat...@gmail.com. Learn why this is important

This email originated outside of WHOI. Please use caution if clicking on links or opening attachments.

Dear Kirill Batyuk,

 

   I have tried this method. The httpd services are running. However, the dataverse instance is not loading after starting the httpd. Then I have tried to start the domain as an admin. However, the dataverse instance is not coming up. The dataverse instance is loading once I stop the httpd service. If you don't mind, let me know what the reason for this issue could be. Thank you.

 

 

Regards

 

Mansoor Koormath

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/CAC8Un-0WceW2wXJ9VtxJPTsfHCS0JWsm8o1OeMpwFJyROty7tg%40mail.gmail.com.

[Mansoor Koormath]

Dear Kirill Batyuk,

Thank you for your email and support. We can now secure our domain. 

Regards

Mansoor Koormath

To view this discussion visit https://groups.google.com/d/msgid/dataverse-community/SJ2PR16MB579622023FCF4B1D9DBB6112C279A%40SJ2PR16MB5796.namprd16.prod.outlook.com.