How to go from http to https in flowable?

after i generated my self-signed certificate with its pair keys where i should configure it so i can perform https calls from flowable engine

Hi,

could you explain a bit more what you are trying to do?
Do you want the UI app(s) to have SSL / HTTPS enabled?
Or do you want to execute SSL calls from f.e. a HTTP task?

Regards,

Yvo

hi yvo,
thank you for your response,
i actually want ui app(s) https enabled

Regards,
ilias

hi
to be more specific im using flowable-all-in-one image docker i tried to copy the certifcat to the container and import it to the cacerts of the JVM of the container it says in the console that it is added successfully but when i try to call the apps with https it dosnt work i tried also to modifie server.xml in tamcat/conf but it didnt work also
im looking forward to your answer im new to flowable

Best regards

Hi.

Couple of things.
First. When deploying / running containers it’s common practice to handle SSL termination outside of the container. For example by placing a reverse proxy in front of it.

But if there is somehow a requirement to do it inside the container. This is also possible. Because Flowable UI uses Spring Security this is not a Flowable specific question but more Spring related.

Also; you’re referring to the flowable-all-in-one image. This more than 2 years old. Please use the flowable-ui image.

In short these are the required steps.

keytool -genkeypair -alias springboot -keyalg RSA -keysize 4096 -storetype PKCS12 -keystore springboot.p12 -validity 3650 -storepass password

docker run --rm --name flowable-ui \
-p 443:8443 \
-v springboot.p12:/keystore.p12 \
flowable/flowable-ui:6.7.2 \
--server.ssl.key-store=file:/keystore.p12 \
--server.ssl.key-store-password=password \
--server.ssl.key-store-type=pkcs12 \
--server.ssl.key-alias=springboot \
--server.ssl.key-password=password \
--server.port=8443

This will start the servlet container on port 8443 (mapped to 443). Using the provided keystore for SSL.

Hope this helps.

Regards,

Yvo

hi yvo,
i really appreciate your answer,
still doesn’t work it tells me that “Short read of DER length” i tryed to convert the key to “.der” instead of “.p12” but it seems that it can’t be converted cuz it not a certificat its just keypairs
i’m sorry for bothering you, looking forward to your reply

Thank you again,
ilias

Hi.

I’m sorry you aren’t able to get it working.

I think the procedure to configure the servlet container within the docker container is clear now.
But this is really something specific to keystore / certificate formats and not a Flowable (Docker) related question.

Regards,

Yvo