Hi Vincenzo,
Thanks for your reply.
The original error of that t he collections that are with 2 replica are not
able to be loaded. came from without the leading slash from the path.
I also got the same error as the original when I specify the absolute path.
Regards,
Edwin
On 11 June 2018 at 14:40, Vincenzo D'Amore <v.dam...@gmail.com> wrote:
> Hi Edwin,
>
> I think you should specify the absolute path when setting the environment
> variables or remove the leading slash from the path.
>
> Ciao,
> Vincenzo
>
>
> > On 11 Jun 2018, at 04:22, Zheng Lin Edwin Yeo <edwinye...@gmail.com>
> wrote:
> >
> > I have found that we can't set it this way either, as we will get the
> below
> > error on "no valid keystore".
> >
> > set SOLR_SSL_KEY_STORE=/etc/solr-ssl.keystore.jks
> > set SOLR_SSL_TRUST_STORE=/etc/solr-ssl.keystore.jks
> >
> > Error:
> > java.lang.reflect.InvocationTargetException
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
> > at java.lang.reflect.Method.invoke(Unknown Source)
> > at org.eclipse.jetty.start.Main.invokeMain(Main.java:221)
> > at org.eclipse.jetty.start.Main.start(Main.java:504)
> > at org.eclipse.jetty.start.Main.main(Main.java:78)
> > Caused by: java.lang.IllegalStateException: no valid keystore
> >
> >
> > Any other ways can that we set or to generate the keystore?
> >
> > Regards,
> > Edwin
> >
> >
> >> On 9 June 2018 at 21:30, Zheng Lin Edwin Yeo <edwinye...@gmail.com>
> wrote:
> >>
> >> Hi Chris,
> >>
> >> I have deployed these files on the {SolrHome}\server\etc folder.
> >>
> >> Currently this is the setting of the path in edm.in.cmd.
> >>
> >> set SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks
> >> set SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.jks
> >>
> >> For your meaning of absolute paths actually start with a slash, meaning
> >> we have to set it like this?
> >>
> >> set SOLR_SSL_KEY_STORE=/etc/solr-ssl.keystore.jks
> >> set SOLR_SSL_TRUST_STORE=/etc/solr-ssl.keystore.jks
> >>
> >> Regards,
> >> Edwin
> >>
> >>
> >> On 9 June 2018 at 00:15, Christopher Schultz <
> ch...@christopherschultz.net
> >>> wrote:
> >>
> >>> Edwin,
> >>>
> >>>> On 6/8/18 12:02 PM, Zheng Lin Edwin Yeo wrote:
> >>>> I followed the steps from
> >>>> https://lucene.apache.org/solr/guide/7_3/enabling-ssl.html.
> >>>>
> >>>> 1)
> >>>>
> >>>> keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass
> >>>> secret -storepass secret -validity 9999 -keystore
> >>>> solr-ssl.keystore.jks -ext
> >>>> SAN=DNS:localhost,IP:192.168.1.3,IP:127.0.0.1 -dname "CN=localhost,
> >>>> OU=Organizational Unit, O=Organization, L=Location, ST=State,
> >>>> C=Country"
> >>>>
> >>>>
> >>>> 2)
> >>>>
> >>>> keytool -importkeystore -srckeystore solr-ssl.keystore.jks
> >>>> -destkeystore solr-ssl.keystore.p12 -srcstoretype jks -deststoretype
> >>>> pkcs12
> >>>>
> >>>>
> >>>> 3)
> >>>>
> >>>> openssl pkcs12 -in solr-ssl.keystore.p12 -out solr-ssl.pem
> >>>>
> >>>>
> >>>>
> >>>> I have also set these in solr.in.cmd:
> >>>>
> >>>> SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jksSOLR_SSL_KEY_STO
> >>> RE_PASSWORD=secretSOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore
> >>> .jksSOLR_SSL_TRUST_STORE_PASSWORD=secret#
> >>>> Require clients to authenticateSOLR_SSL_NEED_CLIENT_AUTH=false#
> Enable
> >>>> clients to authenticate (but not
> >>>> require)SOLR_SSL_WANT_CLIENT_AUTH=false# Define Key Store type if
> >>>> necessarySOLR_SSL_KEY_STORE_TYPE=JKSSOLR_SSL_TRUST_STORE_TYPE=JKS
> >>>
> >>> You didn't describe how you have deployed each of these files on each
> of
> >>> your servers.
> >>>
> >>> You might want to make sure that all your (attempted) absolute paths
> >>> actually start with a slash, though.
> >>>
> >>> -chris
> >>>
> >>>
> >>
>
