Hello all,

I added the incorrect certificate and can clearly see the certificate in my 
keystore when I run the following command:

keytool -list -v -keystore D:\Solr\solr-6.6.2\server\etc\solr-ssl.keystore.pfx -storepass mypass

However, I can't remove it as this command states "keytool error: 
java.lang.Exception: Alias <MyCert> does not exist":

keytool -delete -alias "MyCert" -keystore D:\Solr\solr-6.6.2\server\etc\solr-ssl.keystore.pfx -storepass mypass

How can it show it in the store, but not delete it? If I try to import it 
again, it says it can't import because it already exists in the store!

Thanks,

Kelly

-----Original Message-----
From: Kelly Rusk [mailto:kelly.r...@rackspace.com] 
Sent: Sunday, April 22, 2018 8:51 PM
To: solr-user@lucene.apache.org; solr-user@lucene.apache.org
Subject: Re: Solr 6.6.2 Master/Slave SSL Replication Error

Makes perfect sense! Should I use the key tool to import the Certs? If so, do 
you have an example you prefer or should I just pull from the docs?

Regards,

Kelly
_____________________________
From: Shawn Heisey <apa...@elyograg.org>
Sent: Sunday, April 22, 2018 8:40 PM
Subject: Re: Solr 6.6.2 Master/Slave SSL Replication Error
To: <solr-user@lucene.apache.org>


On 4/22/2018 6:27 PM, Kelly Rusk wrote:
> Thanks for the assistance. The Master Server has a self-signed Cert with its 
> machine name, and the Slave has a self-signed Cert with its machine name.
>
> They have identical configurations, and I created a keystore per server. 
> Should I import the self-signed Cert into each other's keystore? Or are you 
> stating that I need to copy the keystore over to the Slave instead of having 
> the one I created?

For the way you have it now, the trust store will need all of the certificates 
of all of the servers.  It's the remote certificate that must be validated, so 
having just the local certificate in the trust store doesn't do you any good.

A better option would be to have one certificate that covers all of the names 
you're using, and have all the servers set up identically.

Thanks,
Shawn
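
The certificate exchange described above, as an added example that is not part of the original thread: it lists the aliases exactly as keytool stores them, exports only this server's public certificate, and imports the other server's certificate as a trusted entry. It assumes keytool is on PATH with English output and that the key store file also serves as the trust store; the `D:\certs` paths and the `other-node` alias are placeholders.

```powershell
# Added example; values marked "placeholder" are assumptions, not taken from the thread.
$keyStore   = 'D:\Solr\solr-6.6.2\server\etc\solr-ssl.keystore.pfx'  # path from the thread
$trustStore = $keyStore                   # assumption: same file is also the trust store
$exportFile = 'D:\certs\this-node.cer'    # placeholder: this server's exported certificate
$peerCert   = 'D:\certs\other-node.cer'   # placeholder: certificate copied from the other server
$peerAlias  = 'other-node'                # placeholder alias for the other server's entry
$storePass  = Read-Host 'Store password'  # prompt instead of hard-coding the password

function Get-KeystoreEntry {
    param([string]$Store, [string]$Pass)
    # "keytool -list -v" prints an "Alias name:" line and an "Entry type:" line per entry.
    $out = & keytool -list -v -keystore $Store -storetype PKCS12 -storepass $Pass
    $alias = $null
    foreach ($line in $out) {
        if ($line -match '^Alias name:\s*(.*)$') { $alias = $Matches[1] }
        elseif ($line -match '^Entry type:\s*(.*)$' -and $null -ne $alias) {
            [pscustomobject]@{ Alias = $alias; EntryType = $Matches[1] }
            $alias = $null
        }
    }
}

# 1. Print each alias in brackets: this is the string that -alias has to match,
#    which is not necessarily the certificate's subject name.
$entries = @(Get-KeystoreEntry -Store $keyStore -Pass $storePass)
$entries | ForEach-Object { '[{0}] {1}' -f $_.Alias, $_.EntryType }

# 2. Export the public certificate of this server's key entry. The private key
#    stays in the key store; the other server only needs the certificate.
$own = $entries | Where-Object { $_.EntryType -eq 'PrivateKeyEntry' } | Select-Object -First 1
if (-not $own) { throw "No PrivateKeyEntry found in $keyStore" }
& keytool -exportcert -rfc -alias $own.Alias -keystore $keyStore -storetype PKCS12 `
    -storepass $storePass -file $exportFile

# 3. Import the other server's certificate as a trusted entry unless the alias is taken.
#    -noprompt is left out on purpose: keytool shows the fingerprint and asks for
#    confirmation, so it can be compared with the fingerprint seen on the other server.
$trusted = @(Get-KeystoreEntry -Store $trustStore -Pass $storePass)
if ($trusted.Alias -contains $peerAlias) {
    Write-Warning "Alias '$peerAlias' already exists in $trustStore; inspect it before reusing the name."
} else {
    & keytool -importcert -alias $peerAlias -file $peerCert `
        -keystore $trustStore -storetype PKCS12 -storepass $storePass
}
```

Run it on each server with the other server's exported file as `$peerCert`. A password passed with `-storepass` is visible in the process command line, so run this from an administrative session on the server itself.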



