How to set up your InterMine webapp to use https

You will need to use a CDN delivering https content (see Performance), for example https://cdn.intermine.org

Set the corresponding entry in ‘global.web.properties’, for example

head.cdn.location = https://cdn.intermine.org

You can also override this property by setting it directly in your mine.properties file.

Note

If you are moving your existing mine to https, please take care of updating also the following properties in the same mine.properties file:

• project.sitePrefix
• webapp.deploy.url
• webapp.baseurl

If you are using your own jbrowse server, this will now need to be served through https as well, and you will need to adjust also the property:

• jbrowse.install.url

Tomcat requirements

You should add a configuration to your tomcat server.xml in the Engine section, specifying the address of your proxy:

<Valve className="org.apache.catalina.valves.RemoteIpValve"
     protocolHeaderHttpsValue="https"
     remoteIpHeader="x-forwarded-for"
     requestAttributesEnabled="true"
     internalProxies="\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
     protocolHeader="x-forwarded-proto" />

It is also good practice to limit access to tomcat port only to the host’s loopback address (localhost):

<Connector port="8080" protocol="HTTP/1.1"
        address="127.0.0.1"
        connectionTimeout="20000"
        URIEncoding="UTF-8"
        redirectPort="8443" />

---