[opencms-dev] Securing tomcat

Sat Nov 13 09:41:07 CET 2021

Thanks, Filip for the pointers. I did the setup interactively for now and it finished fine. I forgot that the user was  Admin/admin.

Christoph

> Am 12.11.2021 um 14:41 schrieb Filip.Kratochvil at ibacz.eu:
> 
> Hi Chris,
> 
> setup passwords are only database passwords. Root password is used for creating DB schema and classic opencms password is used for connection to the created schema. Database account for creating and connection can be same (e.g. root). You can change opencms user later in opencms.properties config file.
> 
> Here is documentation about setup script (but i didn't check it):
> https://documentation.opencms.org/opencms-documentation/server-installation/installing-opencms/the-setup-script/ <https://documentation.opencms.org/opencms-documentation/server-installation/installing-opencms/the-setup-script/>
> 
> For the secure https conenction to the opencms workplace, i'll recommend install apache with ssl certificate (you can use lets encrypt using certbot, its quite simple). Apache virtualhost settings documentation:
> https://documentation.opencms.org/opencms-documentation/server-installation/traditional-with-apache-webserver/apache-webserver-configuration/ <https://documentation.opencms.org/opencms-documentation/server-installation/traditional-with-apache-webserver/apache-webserver-configuration/>
> 
> Have fun :)
> 
> S pozdravem / Kind regards
> 
> Filip Kratochvil
> Web & Portal Consultant
> 
> IBA CZ, s.r.o.
> 
> 
> -----"opencms-dev" <opencms-dev-bounces at opencms.org <mailto:opencms-dev-bounces at opencms.org>> wrote: -----
> To: <opencms-dev at opencms.org <mailto:opencms-dev at opencms.org>>
> From: "Christoph Kukulies" 
> Sent by: "opencms-dev" 
> Date: 11/12/2021 12:38PM
> Subject: [opencms-dev] Securing tomcat
> 
> After having been off from working with Opencms for some time I’m turning back again and was about starting a fresh install of Opencms12.
> I installed tomcat9 on my ubuntu box and started install with mysite.org:8080/setup <http://mysite.org:8080/setup> and after having learnt again that I have to use the right mysql/mariadb password (which ist the „root“-password, right?, not the Opencms password), installation is running while I’m typing this.
> 
> But what distresses me a bit is that the connection is unsecure. My server is hosted outside and I’m doing this from home. I allowed my IP in the firewall so I can access port 8080 from my home machine, but the fact that the connection is unsecure, leaves a bad feeling.
> 
> I would rather secure my tomcat (haproxy later). Anyone knowing how to do this quickly?
> 
> Another thing: I believe to recall that I entered the same passwords for root and root(opencms). Is the opencms user really „root“ as filled in in the setup 
> fields or wasn’t it „admin"? Funnily the password doesn’t work to log into the opencms workplace.
> 
> Can I set the password manually in some configuration files? 
> 
> Help appreciated.
> 
> —
> Christoph
> 
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> https://lists.opencms.org/mailman/listinfo/opencms-dev <https://lists.opencms.org/mailman/listinfo/opencms-dev>
> 
> 
> 
> 
> Disclaimer:
> 
> The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it.
> It may contain confidential or legally privileged information.
> If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful.
> If you have received this communication in error, please notify us immediately by forwarding this email to ict at ibacz.eu and then delete it from your system.
> IBA Group is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> https://lists.opencms.org/mailman/listinfo/opencms-dev
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencms.org/pipermail/opencms-dev/attachments/20211113/b3eb4a78/attachment.htm>