Tag Archives: ssl

Seafile SSL/HTTPS on IIS

Seafile SSL/HTTPS on IIS was a very interesting journey when I was trying to implement such change as it gave me some interesting facts that I have notice not well documented. In this article we will assume that you have already installed a running instance of your Seafile on your Windows Server but was server via HTTP only. So lets get started:

Additional Assumption

  • Seafile is running on its default ports 8000 and 8082
  • You already know how to get a SSL Certificate and Apply it on your SSL

Settings for your Seafile Server

  1. seahub_settings.pyFILE_SERVER_ROOT = ‘https://yourdomain.with.ssl/seafhttp’
  2. seafile.conf
    [fileserver]
    port = 8082[seahub]
    port = 8000
    fastcgi = false
  3. ccnet.confSERVICE_URL = https://yourdomain.with.ssl/

Settings for your IIS Server

  1. Install Application Request Routing Cache for your IIS Server via Web Platform Installer or by getting it on the web
  2. Create a website that will point to yourdomain.with.ssl on port 80 ONLY
  3. Open the web.config that will be created for that website and enter the following configuration<?xml version=”1.0″ encoding=”UTF-8″?>
    <configuration>
    <system.webServer>
    <rewrite>
    <rules>
    <rule name=”Redirect to HTTPS” enabled=”true” stopProcessing=”true”>
    <match url=”(.*)” />
    <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” />
    </rule>
    </rules>
    </rewrite>
    </system.webServer>
    </configuration>
  4. Create another website that will point to yourdomain.with.ssl on port 443 ONLY
  5. Open the web.config that will be created for that website and enter the following configuration<?xml version=”1.0″ encoding=”UTF-8″?>
    <configuration>
    <location path=”” overrideMode=”Deny”>
    </location>
    <system.webServer>
    <security>
    <requestFiltering allowDoubleEscaping=”true” />
    </security>
    <rewrite>
    <rules>
    <clear />
    <rule name=”Redirect to HTTPS” enabled=”true” stopProcessing=”true”>
    <match url=”(.*)” />
    <conditions logicalGrouping=”MatchAll” trackAllCaptures=”false”>
    <add input=”{HTTPS}” pattern=”^OFF$” />
    </conditions>
    <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” redirectType=”Permanent” />
    </rule>
    <rule name=”seafilehttp” stopProcessing=”true”>
    <match url=”seafhttp/(.*)” />
    <conditions logicalGrouping=”MatchAll” trackAllCaptures=”false” />
    <action type=”Rewrite” url=”http://127.0.0.1:8082/{R:1}” appendQueryString=”true” logRewrittenUrl=”true” />
    </rule>
    <rule name=”seafile” enabled=”true” stopProcessing=”true”>
    <match url=”(.*)” />
    <conditions logicalGrouping=”MatchAll” trackAllCaptures=”false” />
    <action type=”Rewrite” url=”http://localhost:8000/{R:1}” appendQueryString=”true” logRewrittenUrl=”true” />
    </rule>

    </rules>
    <outboundRules>
    <preConditions>
    <preCondition name=”ResponseIsHtml1″>
    <add input=”{RESPONSE_CONTENT_TYPE}” pattern=”^text/html” />
    </preCondition>
    </preConditions>
    </outboundRules>
    </rewrite>
    <httpErrors errorMode=”DetailedLocalOnly” />
    </system.webServer>
    </configuration>

  6. Next is the critical part that most tutorial missed to include as they don’t reflect the settings on Seafile Configuration.
  7. Now Login to your Seafile Admin Area webpage and navigate to Settings section
  8. On the SERVICE_URL enter https://yourdomain.with.ssl/
  9. On the FILE_SERVER_ROOT enter https://yourdomain.with.ssl/seafhttp
  10. Now you are done and navigation, download, and upload will now work properly.

God Bless!

Thanks,
Thomie

Creating a file to Download dynamically in an https / SSL connection

Hi there, 

Here is a tip when you are programming something that you want your file’s path to be hidden. It’s specially when its under a secure connection or https or SSL connection.

  1. Remember the mime type ea. image/jpg
  2. Remember the file name ea. image.jpg
  3. Remember not to put expiration and no-cache on your header
  4. Remember to open it on another tab or window as much as possible
  5. When you are debugging you can remove the headers so the file won’t be downloaded

Hope this tips can help you specially #3 because your download will fail on lower version of IE.

Thanks,