1. Update “clientheaders.any” file (example location: /etc/httpd/conf)
“X-Forwarded-Proto”
2. Add the below to “dispatcher-vhosts.any” file (example location: /etc/httpd/conf.d)
1 2 3 4 |
NameVirtualHost *:443 <VirtualHost *:443> RequestHeader set X-Forward-Proto "https" </VirtualHost> |
3. Restart Apache (sudo /usr/sbin/apachectl restart)
4. Update the values in OSGI Config – Apache Felix Http Service SSL Fliter
SSL forward header: X-Forwarded-Proto
SSL forward value: https
5. Open AEM’s using https url and login. You can view the cookies on chrome/firefox and should see the httpOnly and Secure flags/attributes for “login-token” to be True/Checked.