Hi, In order to enable SSL in solrcloud 5.2.1 on Windows I have done the following steps: Created SSL keystore that fits jetty: Via CMD 1. keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass secret -storepass secret -validity 9999 -keystore solr-ssl.keystore.jks -dname "CN=localhost, OU=MyOrg, O=Org" 2. keytool -importkeystore -srckeystore solr-ssl.keystore.jks -destkeystore solr-ssl.keystore.p12 -srcstoretype jks -deststoretype pkcs12 3. openssl pkcs12 -in solr-ssl.keystore.p12 -out solr-ssl.pem Now i have the following 3 files on /server/etc: solr-ssl.keystore.jks --> Keystore that fits jetty/solrcloud created by java solr-ssl.keystore.p12 solr-ssl.pem
Then i do: C:\solr-5.2.1\server\scripts\cloud-scripts\zkcli.bat -zkhost localhost:2181 -cmd clusterprop -name urlScheme -val https I have configured solr.in.cmd as required to use SSL: set SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks set SOLR_SSL_KEY_STORE_PASSWORD=secret set SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.jks set SOLR_SSL_TRUST_STORE_PASSWORD=secret REM Require clients to authenticate set SOLR_SSL_NEED_CLIENT_AUTH=false Started Zookeeper and Solr and i receive the following error when trying to create a collection: C:\solr-5.2.1\bin\solr.cmd create -c collection1 -d C:/solr-5.2.1/server/solr/configsets/basic_configs/conf -n solanconf -p 8983 -s 2 -rf 2 The error: ERROR: create failed due to: Certificate for <localhost> doesn't match common name of the certificate subject: 10.132.2.110 What did i define wrong ? -- - Ilan Schwarts
