You need to separate keystore and truststore.
I would leave the stores in their original format and provide the type in
solr.in.sh
There is no need to convert them to JKS, PKCS12 is perfectly supported
> Am 04.06.2020 um 06:48 schrieb yaswanth kumar :
>
> Hi Franke,
>
> I suspect its becau
If the keystore and/or truststore is encrypted you need to provide the Passwort
in solr.in.sh
> Am 04.06.2020 um 18:38 schrieb yaswanth kumar :
>
> I haven't done any changes on jetty xml , I am just using what it comes
> with the solr package. just doing it in solr.in.sh but I am still seeing
I haven't done any changes on jetty xml , I am just using what it comes
with the solr package. just doing it in solr.in.sh but I am still seeing
the same issue.
Thanks,
On Thu, Jun 4, 2020 at 12:23 PM Jörn Franke wrote:
> I think you should not do it in the Jetty xml
> Follow the official refer
I think you should not do it in the Jetty xml
Follow the official reference guide.
It should be in solr.in.sh
https://lucene.apache.org/solr/guide/8_4/enabling-ssl.html
> Am 04.06.2020 um 06:48 schrieb yaswanth kumar :
>
> Hi Franke,
>
> I suspect its because of the certificate encryption ?
Hi Franke,
I suspect its because of the certificate encryption ?? But will wait for
you to confirm the same. We are trying to generate a certs with RSA 2048
and finally combining them to a single JKS and that's what we are referring
as a keystore and truststore, let me know if it doesn't work or i
thanks Franke,
I now made the use of the default jetty-ssl.xml that comes with the solr
package, but the issue is still happening when I try to push data to a
non-leader node.
Do you still think if its something to do with the configurations ??
Thanks,
On Wed, Jun 3, 2020 at 12:29 AM Jörn Frank
Why in the jetty-ssl.xml?
Should this not be configured in the solr.in.sh?
> Am 03.06.2020 um 00:38 schrieb yaswanth kumar :
>
> Thanks Franke, but yes for all these questions I did configured it
> properly, I made sure to include
>
> default="JKS"/>
> default="JKS"/>
> in the jetty-ssl.xml
also forgot to update before that I have enabled basicauthentication and
provided the details in security.json and uploaded it via zookeeper.
Thanks,
On Tue, Jun 2, 2020 at 6:42 PM yaswanth kumar wrote:
> also I am seeing the below error as a parent one from solr.log
>
> at org.apache.solr.uti
also I am seeing the below error as a parent one from solr.log
at org.apache.solr.util.CryptoKeys$RSAKeyPair.encrypt(CryptoKeys.java:366)
org.apache.solr.common.SolrException: javax.crypto.BadPaddingException: RSA
private key operation failed
at
org.apache.solr.util.CryptoKeys$RSAKeyPair.
Thanks Franke, but yes for all these questions I did configured it
properly, I made sure to include
in the jetty-ssl.xml along with the path keystore and truststore.
Also I have made sure that trusstore exists on all nodes and also I am
using the same file for both keystore and truststore as
Have you looked in the logfiles?
Keystore Type correctly defined on all nodes?
Have you configured the truststore on all nodes correctly?
Have you set clusterprop urlScheme to htttps in ZK?
https://lucene.apache.org/solr/guide/7_5/enabling-ssl.html#configure-zookeeper
> Am 02.06.2020 um 18:
team, can someone help me on the above topic?
On Mon, Jun 1, 2020 at 10:00 PM yaswanth kumar
wrote:
> Trying to setup solr 8.4.1 + open jdk 11 on centos , enabled the ssl
> configurations with all the certs in place, but the issue what I am seeing
> is when trying to hit /update api on non-leade
12 matches
Mail list logo
