Deploy your Bitnami Alfresco Community Stack on Bitnami Cloud Hosting now! Launch Now

Alfresco Community for Bitnami Cloud Hosting


Alfresco is an open source, Enterprise Content Management (ECM) system that includes a repository for all types of documents and records and an integrated business process management solution.

First steps with the Bitnami Alfresco Community Stack

Welcome to your new Bitnami application running on Bitnami Cloud Hosting! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

  • The application credentials that allow you to log in to your new Bitnami application. These credentials consist of a username and password.
  • The server credentials that allow you to log in to your Bitnami Cloud Hosting server using an SSH client and execute commands on the server using the command line. These credentials consist of an SSH username and key.

What is the administrator username set for me to log in to the application for the first time?

Username: admin

What SSH username should I use for secure shell access to my application?

SSH username: bitnami

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

IMPORTANT: Making this application's network ports public is a significant security risk. You are strongly advised to only allow access to those ports from trusted networks. If, for development purposes, you need to access from outside of a trusted network, please do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.

Port 22 is the default port for SSH connections.

Bitnami opens some ports for the main servers. These are the ports opened by default: 80, 443.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/

How to configure outbound email settings?

Outbound email configuration

To send emails from Alfresco via SMTP, specify the SMTP settings in the /opt/bitnami/apache-tomcat/shared/classes/ file. The following example shows how to configure Alfresco using a Gmail account. Replace USERNAME and PASSWORD with your Gmail account username and password respectively.

Restart the Tomcat server for your changes to take effect

$ sudo /opt/bitnami/ restart tomcat

Inbound email configuration

To send emails to Alfresco using SMTP, specify the following parameters in the /opt/bitnami/apache-tomcat/shared/classes/ file.


The Tomcat server is configured to run as the tomcat user and not the root user for security reasons. The problem with this configuration is that Tomcat then does not have privileges to bind port 25 (the SMTP port), so it becomes necessary to specify another port (2025 in the example above), and then create a port forwarding rule in the system to redirect all requests from port 25 to port 2025. Run the following command:

$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j REDIRECT --to-port 2025

Check the iptables rules with this command:

$ sudo iptables -t nat -L -n -v

Check that port 25 is open in your firewall and restart the Tomcat server for your changes to take effect

$ sudo /opt/bitnami/ restart tomcat

From another machine, verify connectivity using telnet:

$ telnet your_host_name 25

You should see something similar to this:

Trying ...
Connected to ....
Escape character is '^]'.
220 your_server_domain ESMTP SubEthaSMTP 3.1.6

More information.

To configure the application to use other third-party SMTP services for outgoing email, such as SendGrid or Mandrill, refer to the FAQ.

NOTE: If you are using Gmail as the outbound email server and have experienced issues trying to send emails correctly, check the How to troubleshoot Gmail SMTP issues to learn the causes of these issues and how to solve them.

How to install a plugin on Alfresco?

Alfresco has package modules (AMPs) which can be installed on top of the basic application.

To install any AMP on top of the Bitnami Alfresco Stack, follow the steps below. This example installs the Alfresco Records Management Module.

  • Download the module and extract the files.

  • Move the AMP file to the /opt/bitnami/apps/alfresco/amps or the /opt/bitnami/apps/alfresco/amps_share directory.

     $ sudo mv *.amp /opt/bitnami/apps/alfresco/amps
  • Stop the Apache Tomcat server.

     $ cd /opt/bitnami
     $ sudo ./ stop tomcat

Run the apply_amps command in the root Alfresco directory.

    $ cd /opt/bitnami/apps/alfresco
    $ sudo ./
  • Change the permissions of the new WAR files.

     $ sudo chown -R tomcat:tomcat /opt/bitnami/apache-tomcat/webapps
  • Start the Apache Tomcat server.

     $ cd /opt/bitnami
     $ sudo ./ctlscript start tomcat

How to create a full backup of Alfresco Community?


The Bitnami Alfresco Community Stack is self-contained and the simplest option for performing a backup is to copy or compress the Bitnami stack installation directory. To do so in a safe manner, you will need to stop all servers, so this method may not be appropriate if you have people accessing the application continuously.

Follow these steps:

  • Change to the directory in which you wish to save your backup:

      $ cd /your/directory
  • Stop all servers:

      $ sudo /opt/bitnami/ stop
  • Create a compressed file with the stack contents:

      $ sudo tar -pczvf application-backup.tar.gz /opt/bitnami
  • Restart all servers:

      $ sudo /opt/bitnami/ start

You should now download or transfer the application-backup.tar.gz file to a safe location.


Follow these steps:

  • Change to the directory containing your backup:

      $ cd /your/directory
  • Stop all servers:

      $ sudo /opt/bitnami/ stop
  • Move the current stack to a different location:

      $ sudo mv /opt/bitnami /tmp/bitnami-backup
  • Uncompress the backup file to the original directoryv

      $ sudo tar -pxzvf application-backup.tar.gz -C /
  • Start all servers:

      $ sudo /opt/bitnami/ start

If you want to create only a database backup, refer to these instructions for MySQL and PostgreSQL.

How to upgrade Alfresco?

It is strongly recommended that you create a backup before starting the update process. If you have important data, it is advisable that you create and try to restore a backup to ensure that everything works properly.

An in-place upgrade of the Bitnami Alfresco Stack is not recommended. Instead, the correct procedure is to install a new version of the stack and then transfer the existing content repository to it.

NOTE: The steps below assume that you have already installed a new version of the stack and have access to both the older version (which contains data to be migrated) and the newer version (which contains no data).

On the older Alfresco version:

  • Stop all servers:

      $ sudo /opt/bitnami/ stop
  • Copy the content repository and indexes to a backup location:

      $ sudo mkdir /backup
      $ sudo cp /opt/bitnami/apps/alfresco/data /backup
  • Back up the database to an SQL file, entering the database password when prompted:

      $ mysqldump -u root -p bitnami_alfresco > /backup/alfresco.sql
  • Transfer the content repository, indexes and database backup file to the new Alfresco instance, using SFTP, SSH or any other file transfer mechanism.

On the newer Alfresco version:

  • Stop all services and start only MySQL:

      $ sudo /opt/bitnami/ stop
      $ sudo /opt/bitnami/ start mysql
  • Remove the existing content repository and replace it with the backup from the older version:

      $ sudo rm /opt/bitnami/apps/alfresco/data
      $ sudo cp -R data /opt/bitnami/apps/alfresco/
      $ sudo chown -R tomcat:tomcat /opt/bitnami/apps/alfresco/data
  • Obtain the current database password by viewing the contents of the Alfresco configuration file at /opt/bitnami/apps/alfresco/apache-tomcat/shared/classes/ and noting the value of the db.password field. You should see something like this:

      ### database connection properties ###
  • Remove the existing Alfresco database and create a new one, then grant access to the bitnami database user. Replace the DATABASE_PASSWORD placeholder in the final command with the database password obtained in the previous step.

      $ mysql -u root -p
      Password: ****
      mysql> DROP DATABASE bitnami_alfresco;
      mysql> CREATE DATABASE bitnami_alfresco;
      mysql> GRANT ALL PRIVILEGES ON bitnami_alfresco.* TO 'bitnami'@'localhost' IDENTIFIED BY 'DATABASE_PASSWORD';
  • Restore the database from the database backup file:

      $ mysql -u root -p bitnami_alfresco < backup.sql
  • Restart the servers:

      $ sudo /opt/bitnami/ restart

You should now be able to access the content repository from the older version in the new Alfresco instance.

For more information, refer to the official Alfresco upgrade documentation.

How to create an SSL certificate for Apache Tomcat?

A detailed guide is available in the official Apache Tomcat documentation at

How to enable SSL access over HTTPS?

You can configure Apache Tomcat to enable SSL access to applications using HTTPS. It is necessary to configure Tomcat with the location of the Apache SSL certificate, as described below.

  • Check that the certificate file is present at /opt/bitnami/apache-tomcat/conf/ssl/tomcat.cert.pem and the certificate key file is present at /opt/bitnami/apache-tomcat/conf/ssl/tomcat.key.pem.

  • Uncomment the following line in the /opt/bitnami/apache-tomcat/conf/server.xml file:

       <Connector port="8443"
                  protocol="HTTP/1.1" SSLEnabled="true"
                  maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
                  enableLookups="false" disableUploadTimeout="true"
                  acceptCount="100" scheme="https" secure="true"
                  clientAuth="false" sslProtocol="TLS"
  • Restart the Apache Tomcat server

You should now be able to access your Web applications over HTTPS by browsing to https://SERVER-IP:8443.

How to create an SSL certificate?

OpenSSL is required to create an SSL certificate. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).

Follow the steps below:

  • Generate a new private key:

     $ sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048
  • Create a certificate:

     $ sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr
    IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
  • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

  • Until the certificate is received, create a temporary self-signed certificate:

     $ sudo openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt/bitnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apache2/conf/server.key -days 365
  • Back up your private key in a safe location after generating a password-protected version as follows:

     $ sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out privkey.pem

    Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

     $ sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/server.key

Find more information about certificates at

How to enable HTTPS support with SSL certificates?

TIP: If you wish to use a Let's Encrypt certificate, you will find specific instructions for enabling HTTPS support with Let's Encrypt SSL certificates in our Let's Encrypt guide.
NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

  • Use the table below to identify the correct locations for your certificate and configuration files.

    Variable Value
    Current application URL https://[custom-domain]/
      Example: or
    Apache configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    Certificate file /opt/bitnami/apache2/conf/server.crt
    Certificate key file /opt/bitnami/apache2/conf/server.key
    CA certificate bundle file (if present) /opt/bitnami/apache2/conf/server-ca.crt
  • Copy your SSL certificate and certificate key file to the specified locations.

    NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.
  • If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version:

    Variable Value
    Apache configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    Directive to include (Apache v2.4.8+) SSLCACertificateFile "/opt/bitnami/apache2/conf/server-ca.crt"
    Directive to include (Apache < v2.4.8) SSLCertificateChainFile "/opt/bitnami/apache2/conf/server-ca.crt"
    NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name.
  • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

     $ sudo chown root:root /opt/bitnami/apache2/conf/server*
     $ sudo chmod 600 /opt/bitnami/apache2/conf/server*
  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart the Apache server.

You should now be able to access your application using an HTTPS URL.

How to force HTTPS redirection with Apache?

Add the following to the top of the /opt/bitnami/alfresco/conf/httpd-prefix.conf file:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^localhost
RewriteCond %{HTTP_HOST} !^
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

After modifying the Apache configuration files, restart Apache to apply the changes.

How to debug Apache errors?

Once Apache starts, it will create two log files at /opt/bitnami/apache2/logs/access_log and /opt/bitnami/apache2/logs/error_log respectively.

  • The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.

  • The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.

If no error is found, you will see a message similar to:

Syntax OK

How to change the Java memory settings?

The Java Virtual Machine (JVM) determines the default settings for your Java application:

JAVA_OPTS="-Xms256m -Xmx512m"

You can increase these Java settings for your application if necessary. The settings are in the /opt/bitnami/java/bitnami/ file. Here is an example of how to change the memory settings:

$ export JAVA_OPTS="$JAVA_OPTS -Xms256M -Xmx768M"
IMPORTANT: This file is a symlink to a configuration file that changes depending on the instance type that you are currently using. The symlink will be automatically changed when you resize your server.

How to debug errors in Tomcat?

The main Apache Tomcat configuration file is at /opt/bitnami/apache-tomcat/conf/server.xml.

Once Apache Tomcat starts, it will create several log files in the /opt/bitnami/apache-tomcat/logs directory. The main log file is the catalina.out file where you can find error messages. On some platforms, you may need root account privileges to view these files.

Updating the IP address or hostname

Alfresco Community requires updating the IP address/domain name if the machine IP address/domain name changes. The bnconfig tool also has an option which updates the IP address, called --machine_hostname (use --help to check if that option is available for your application). Note that this tool changes the URL to http://NEW_DOMAIN/alfresco.

$ sudo /opt/bitnami/apps/alfresco/bnconfig --machine_hostname NEW_DOMAIN

If you have configured your machine to use a static domain name or IP address, you should rename or remove the /opt/bitnami/apps/alfresco/bnconfig file.

$ sudo mv /opt/bitnami/apps/alfresco/bnconfig /opt/bitnami/apps/alfresco/bnconfig.disabled
NOTE: Be sure that your domain is propagated. Otherwise, this will not work. You can verify the new DNS record by using the Global DNS Propagation Checker and entering your domain name into the search field.

You can also change your hostname by modifying it in your hosts file. Enter the new hostname using your preferred editor.

$ sudo nano /etc/hosts
  • Add a new line with the IP address and the new hostname. Here's an example. Remember to replace the IP-ADDRESS and DOMAIN placeholders with the correct IP address and domain name.


How to find the MySQL database credentials?

How to connect to the MySQL database?

You can connect to the MySQL database from the same computer where it is installed with the mysql client tool.

$ mysql -u root -p

You will be prompted to enter the root user password. This is the same as the application password.

How to debug errors in your database?

The main log file is created at /opt/bitnami/mysql/data/mysqld.log on the MySQL database server host.

How to change the MySQL root password?

You can modify the MySQL password using the following command at the shell prompt. Replace the NEW_PASSWORD placeholder with the actual password you wish to set.

$ /opt/bitnami/mysql/bin/mysqladmin -p -u root password NEW_PASSWORD

How to reset the MySQL root password?

If you don't remember your MySQL root password, you can follow the steps below to reset it to a new value:

  • Create a file in /home/bitnami/mysql-init with the content shown below (replace NEW_PASSWORD with the password you wish to use):

     UPDATE mysql.user SET Password=PASSWORD('NEW_PASSWORD') WHERE User='root';

    If your stack ships MySQL v5.7.x, use the following content instead of that shown above:

     UPDATE mysql.user SET authentication_string=PASSWORD('NEW_PASSWORD') WHERE User='root';
    TIP: Check the MySQL version with the command /opt/bitnami/mysql/bin/mysqladmin --version or /opt/bitnami/mysql/bin/mysqld --version.
  • Stop the MySQL server:

     $ sudo /opt/bitnami/ stop mysql
  • Start MySQL with the following command:

     $ sudo /opt/bitnami/mysql/bin/mysqld_safe --pid-file=/opt/bitnami/mysql/data/ --datadir=/opt/bitnami/mysql/data --init-file=/home/bitnami/mysql-init 2> /dev/null &
  • Restart the MySQL server:

     $ sudo /opt/bitnami/ restart mysql
  • Remove the script:

     $ rm /home/bitnami/mysql-init

How to upload files to the server with SFTP?

Although you can use any SFTP/SCP client to transfer files to your server, the link below explains how to configure FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X). It is required to use your server's private SSH key to configure the SFTP client properly. Choose your preferred application and follow the steps in the link below to connect to the server through SFTP.

How to upload files to the server

How to configure a redirect for main page to /share?

Alfresco runs at the /share URL by default. To add a simple redirection from your main domain to the /share application, add the following line to the beginning of the /opt/bitnami/apps/alfresco/conf/httpd-app.conf file:

Redirect / /share

Then, restart Apache:

$ sudo /opt/bitnami/ restart apache

How to enable CIFS and/or FTP for Alfresco?

To enable CIFS in Alfresco, open port 445.

To enable FTP in Alfresco, install the vsftpd FTP server:

  • Debian:

    $ sudo apt-get install vsftpd

  • CentOS:

    $ sudo yum install vsftpd

Then, open port 21 and comment out the following line in the /etc/vsftpd.conf file:


Then, restart the vsftpd server:

  • Debian:

    $ sudo service vsftpd restart
  • CentOS:

    $ systemctl restart vsftpd.service

Refer to the FAQ for more information on how to open ports in the server firewall.

You might see this error when binding the CIFS port in the Tomcat/Alfresco log file:

ERROR [org.alfresco.fileserver] [CIFS Server] [SMB] Server error : org.alfresco.jlan.server.config.InvalidConfigurationException: Error initializing TCP-IP SMB session handler, Permission denied
ERROR [org.alfresco.fileserver] [CIFS Server] Error from JLAN
org.alfresco.jlan.server.config.InvalidConfigurationException: Error initializing TCP-IP SMB session handler, Permission denied
        at org.alfresco.jlan.smb.server.nio.NIOCifsConnectionsHandler.initializeHandler(
        at Source)

This occurs when Alfresco tries to start a SMB/CIFS server using a port number below 1024, and that operation is not allowed for normal users. To fix this, edit the /opt/bitnami/apache-tomcat/shared/classes/ file and uncomment these lines:


How to install Alfresco Office Services (AOS) support?

NOTE: Microsoft Office SharePoint Protocol Support has been replaced with Alfresco Office Services (AOS) in Alfresco v201602 and higher. Find instructions for activating Microsoft Office SharePoint Protocol Support in older versions here.

Alfresco Office Services allow you to edit documents in Alfresco using Microsoft Office. To activate this support, follow these steps:

  • Log in to your server console.

  • Download and extract the Alfresco Office Services AMP file to the amps/ directory of the Bitnami Alfresco Stack. Note that the AMP file is packaged within a .zip file, so it needs to be extracted before proceeding to the next step.

  • Execute the command to install the AMP file:

     $ cd /opt/bitnami/apps/alfresco/
     $ sudo ./

    This will install all available AMP files to the correct location. A status message will appear to indicate progress.

  • Check that the AOS AMP file has been installed by running the following command:

    $ cd /opt/bitnami/apps/alfresco/
    $ java -jar alfresco-mmt.jar list /opt/bitnami/apache-tomcat/webapps/alfresco.war

    The output should indicate that the AOS AMP file has been installed.

    Alfresco AOS installation

  • Restart Alfresco:

    $ sudo /opt/bitnami/ restart

For more information, refer to the instructions in the Alfresco documentation.

How to install Microsoft Office SharePoint Protocol Support?

NOTE: Microsoft Office SharePoint Protocol Support has been replaced with Alfresco Office Services (AOS) in Alfresco v201602 and higher. Find instructions for activating Alfresco Office Services support here.

Microsoft Office SharePoint Protocol Support allows you to edit documents in Alfresco using Microsoft Office. To install it, download the package from the Alfresco official site. The instructions below use Alfresco v4.2.f, but similar steps can be followed for other versions.

  • Run the commands below:

     $ cd /tmp
     $ wget
     $ cd /opt/bitnami
     $ sudo ./ctlscript stop tomcat
     $ sudo cp /tmp/alfresco-community-spp-4.2.f.amp apps/alfresco/amps/
     $ sudo cp /tmp/alfresco-community-spp-4.2.f.amp apps/alfresco/amps_share/
     $ sudo ./apps/alfresco/
     $ sudo chown -R tomcat:tomcat apache-tomcat/webapps
     $ sudo ./ start tomcat

    With these commands, the Microsoft Office SharePoint Protocol support will be installed in the Bitnami Alfresco Stack. The default port configured is 7070. To change this port, edit the configuration files at /opt/bitnami/apache-tomcat/webapps/share/WEB-INF/classes/alfresco/module/org.alfresco.module.vti/context/ and /opt/bitnami/apache-tomcat/webapps/alfresco/WEB-INF/classes/alfresco/module/org.alfresco.module.vti/context/

  • Open port 7070 in the server firewall.

After this, you will be able to access the Alfresco SharePoint module by browsing to http://DOMAIN:7070/.

SharePoint module

Open Alfresco files directly using Microsoft Word. Click "Open" and insert the URL in the "File Name" field.

Word files in Alfresco

How to enable Google Docs integration with Alfresco?

Since Bitnami Alfresco v4.2.c-1, you can easily enable Alfresco integration with Google Docs.

NOTE: Before you enable Google Docs integration, set up a Google Docs account that will be used for administrative purposes for the integration between Alfresco and Google Docs.
  • Edit the /opt/bitnami/apache-tomcat/shared/classes/ file and set the following options. Replace USERNAME and PASSWORD with your Gmail account username and password respectively.

     # Enables Google Editable functionality set to true to enable
     # Google Docs system authentication credentials account Alfresco will use a tempt account 
     # for everyone
     # Google docs Application name ECM system
     # Google Docs URL
     # Google Docs Spreadsheet Service
  • Restart the Tomcat server:

     $ sudo /opt/bitnami/ restart tomcat

You should now be able to create a site in Alfresco and open the "Document Library". In the "Create Content" option, create a Google Docs document and start editing it.

If you see an error similar to this:

Error Message: 11260001 Failed to execute script 'classpath*:alfresco/site-webscripts/org/alfresco/components/googledocs/toolbar.get.js': 11260000 Error: Parameter "site" is missing.

This occurs when you attempt to create a Google Docs document in your repository directly. It is necessary to create an Alfresco site and create the Google Docs document in the "Document Library".


Bitnami Documentation