Please note that Aggregate is no longer being updated. We recommend you use Central instead. You can even migrate your data over if you need to keep the old data.
Before proceeding, make sure you have a verified working backup and a way to rollback to said backup.
Depending on the version of Aggregate you have, you should be able to install a newer version over the top and it'll keep your old data. That to me is the simplest way to proceed.
If you really want to proceed with transitioning to SSL without installing over the top, the rough steps are...
-
Find
ODKAggregate-settings.jar, unjar it, findsecurity.propertiesand set the following. Don't changesecurity.server.realm.realmStringbecause it'll invalidate your passwords.security.server.hostname=example.com security.server.secureChannelType=REQUIRES_SECURE_CHANNEL security.server.channelType=REQUIRES_SECURE_CHANNELNow, rejar
ODKAggregate-settings.jar. Changing Aggregate IP to URL has a Bash script that does some of this. The tricky part is making sure thesecurity.propertiesare in the right place when you rejar. -
Then you'll need to edit your Tomcat's server.xml to redirect 80 to 443. It'll look something like this.
<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="443" /> <Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLCertificateFile="/etc/acme.sh/example.com/cert.pem" SSLCertificateKeyFile="/etc/acme.sh/example.com/key.pem" SSLCertificateChainFile="/etc/acme.sh/example.com/fullchain.pem" URIEncoding="UTF-8" />
Again, it's been a long time since I did this and I'm certainly not recommending you do it. I'm just providing the information.