generate_keystores.sh , does it work?

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Member

generate_keystores.sh , does it work?

I'm triing a 6.0.2 community and I would to configure it with a new SSL certificate. I see by default a bash script is available in the alf_data/keystore directory. 

Triing to launch it it works on four files:

ssl.keystore

ssl.truststore

ssl.repo.client.keystore

ssl.repo.client.truststore

The first two files are copied correctly in the keystore directory and the SSL connection through share is ok. But the alfresco solr tracking fails.

The last two files are created but ignored, so they aren't copied in the solr configuration where I suppose they should be.

If I try to copy them manually, I continue to get the same error in the alfresco solr tracking.

If I copy the first two files in the solr configuration directories and I rename them in ssl.repo.client.keystore and ssl.repo.client.truststore, the alfresco solr tracking is ok.

Surely it's a bug and I would understand if the ssl.repo.client files must be ignored or if there is an error on them creation

3 Replies
Highlighted
Alfresco Employee

Re: generate_keystores.sh , does it work?

Highlighted
Active Member

Re: generate_keystores.sh , does it work?

Yes thanks, but I think the problem is related to how the ssl.repo.client keystores were created. Certificates are imported in the same way as alfresco's key stores, so the problem would pass to these two key stores. Maybe they are corrupt?

Highlighted
Alfresco Employee

Re: generate_keystores.sh , does it work?

Did you try this tool to generate your stores?

https://github.com/Alfresco/alfresco-ssl-generator

Software Engineer in Alfresco Search Team.