[Archivesspace_Users_Group] Securing ArchivesSpace with SSL and request emails
Huebschen, Alan M
ahueb2 at uis.edu
Wed Oct 3 12:29:45 EDT 2018
I've been working on implementing ArchivesSpace at our institution and am currently in the process of securing the application. I've set it up according to the documentation found in the README_HTTPS file<https://github.com/archivesspace/archivesspace/blob/master/README_HTTPS.md> and things have gone mostly well. The site is secured, besides the fact that when requesting items within a listing. When the request email is sent out, originally the URL it included cited "localhost" which wouldn't lead anywhere. This was half-solved by changing the URL in ArchivesSpace's config.rb to match the server URL, but the only problem is this is sending an HTTP instead of HTTPS, so when someone would try to follow the emailed link they end up on port 80 instead of 443. I attempted to modify the views files that determine the content of the emails, which either provided no change or just broke the email request system. I have also tried using apache's rewrite module to direct all HTTP requests to HTTPS, but it seems that ArchivesSpace intercepts the request and the connection ends up not being secured.
Does anyone have a suggestion on how to ensure the links in request emails are not only correct, but lead to a secured URL? Any help would be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Archivesspace_Users_Group