[Archivesspace_Users_Group] Setting up LDAP authentication and SSL

Michael Bond Michael.Bond at mail.wvu.edu
Wed Aug 10 13:22:43 EDT 2016


We run everything behind TLS (ssl), including both staff and public interfaces to archives space. We run archivesspace behind apache, using a proxy, which lets apache handle the certificates. You will need to do something along the lines of this, in your virtual host configuration:

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/

Documentation: https://httpd.apache.org/docs/2.2/mod/mod_proxy.html

Michael Bond
WVU Libraries
Office: 304-293-0340
Mobile: 304-282-0640

________________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Klish, Heather J <Heather.Klish at tufts.edu>
Sent: Wednesday, August 10, 2016 12:00 PM
To: archivesspace_users_group at lyralists.lyrasis.org
Subject: [Archivesspace_Users_Group] Setting up LDAP authentication and SSL

Hi everyone,

We’re getting ArchivesSpace set up for production and I was wondering if anyone is using LDAP authentication for their frontend (staff) interface and is using SSL - port 443?   To get this working, is it just a matter of changing the port number for the frontend and adding the AppConfig[:authentication_sources] stanza in the config file and getting an SSL certificate for the server?  Or is there something more complicated that needs to happen?  Are you running the entire frontend via https?

Thanks in advance,
Heather
. . . . . . . . . . . . . . . . . . . . . . . . . . . .
Heather Klish | Systems Librarian
TTS : Library Technology Services
Tufts University
heather.klish at tufts.edu<mailto:heather.klish at tufts.edu> | 617.627.5853




More information about the Archivesspace_Users_Group mailing list