Have you tried to create a HttpSolrServer with this constructor: * HttpSolrServer<http://lucene.apache.org/solr/4_2_0/solr-solrj/org/apache/solr/client/solrj/impl/HttpSolrServer.html#HttpSolrServer(java.lang.String, org.apache.http.client.HttpClient)>*(String<http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true> baseURL, org.apache.http.client.HttpClient client) ?
/Uwe On 10 April 2013 15:35, Sarita Nair <sarita...@yahoo.com> wrote: > Hi Uwe, > > Thanks for your response. As I mentioned in my email, I would prefer the > application to not have access to the keystore. > Do you know if there is a way of specifying a different HttpClient > implementation (e.g. DefaultHttpClient rather than > SystemDefaultHttpClient) ? > > > > > > > ________________________________ > From: Uwe Klosa <uwe.kl...@gmail.com> > To: solr-user@lucene.apache.org; Sarita Nair <sarita...@yahoo.com> > Sent: Wednesday, April 10, 2013 2:58 AM > Subject: Re: Solr 4.2.1 SSLInitializationException > > You have to add two new Java options to your Glassfish config (example if > you use the standard keystore and truststore): > > asadmin create-jvm-options -- -Djavax.net.ssl.keyStorePassword=changeit > asadmin create-jvm-options -- -Djavax.net.ssl.trustStorePassword=changeit > > /Uwe > > > On 10 April 2013 03:59, Sarita Nair <sarita...@yahoo.com> wrote: > > > Hi Chris, > > > > Thanks for your response. > > > > My understanding is that GlassFish specifies the keystore as a system > > property, > > but does not specify the password in order to protect it from > > snooping. There's > > a keychain that requires a password to be passed from the DAS in order to > > unlock the key for the keystore. > > > > Is there some way to specify a > > different HttpClient implementation (e.g. DefaultHttpClient rather than > > SystemDefaultHttpClient), as we don't want the application to have > > access to the keystore? > > > > > > I have also pasted the entire stack trace below: > > > > 2013-04-09 10:45:06,144 [main] ERROR > > org.apache.solr.servlet.SolrDispatchFilter - Could not start Solr. Check > > solr/home property and the logs > > 2013-04-09 10:45:06,224 [main] ERROR org.apache.solr.core.SolrCore - > > null:org.apache.http.conn.ssl.SSLInitializationException: Failure > > initializing default system SSL context > > at > > > org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:368) > > at > > > org.apache.http.conn.ssl.SSLSocketFactory.getSystemSocketFactory(SSLSocketFactory.java:204) > > at > > > org.apache.http.impl.conn.SchemeRegistryFactory.createSystemDefault(SchemeRegistryFactory.java:82) > > at > > > org.apache.http.impl.client.SystemDefaultHttpClient.createClientConnectionManager(SystemDefaultHttpClient.java:118) > > at > > > org.apache.http.impl.client.AbstractHttpClient.getConnectionManager(AbstractHttpClient.java:466) > > at > > > org.apache.solr.client.solrj.impl.HttpClientUtil.setMaxConnections(HttpClientUtil.java:179) > > at > > > org.apache.solr.client.solrj.impl.HttpClientConfigurer.configure(HttpClientConfigurer.java:33) > > at > > > org.apache.solr.client.solrj.impl.HttpClientUtil.configureClient(HttpClientUtil.java:115) > > at > > > org.apache.solr.client.solrj.impl.HttpClientUtil.createClient(HttpClientUtil.java:105) > > at > > > org.apache.solr.handler.component.HttpShardHandlerFactory.init(HttpShardHandlerFactory.java:134) > > at > > > com.sun.enterprise.glassfish.bootstrap.GlassFishImpl.start(GlassFishImpl.java:79) > > at > > > com.sun.enterprise.glassfish.bootstrap.GlassFishDecorator.start(GlassFishDecorator.java:63) > > at > > > com.sun.enterprise.glassfish.bootstrap.osgi.OSGiGlassFishImpl.start(OSGiGlassFishImpl.java:69) > > at > > > com.sun.enterprise.glassfish.bootstrap.GlassFishMain$Launcher.launch(GlassFishMain.java:117) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > > at > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:601) > > at > > > com.sun.enterprise.glassfish.bootstrap.GlassFishMain.main(GlassFishMain.java:97) > > at com.sun.enterprise.glassfish.bootstrap.ASMain.main(ASMain.java:55) > > Caused by: java.io.IOException: Keystore was tampered with, or password > > was incorrect > > at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) > > at > > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) > > at java.security.KeyStore.load(KeyStore.java:1214) > > at > > > org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:281) > > at > > > org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:366) > > ... 50 more > > Caused by: java.security.UnrecoverableKeyException: Password verification > > failed > > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) > > ... 54 more > > > > > > > > > > > > > > > > > > > > > > > > > > > > ________________________________ > > From: Chris Hostetter <hossman_luc...@fucit.org> > > To: "solr-user@lucene.apache.org" <solr-user@lucene.apache.org>; Sarita > > Nair <sarita...@yahoo.com> > > Sent: Tuesday, April 9, 2013 1:31 PM > > Subject: Re: Solr 4.2.1 SSLInitializationException > > > > > > : Deploying Solr 4.2.1 to GlassFish 3.1.1 results in the error below. I > > : have seen similar problems being reported with Solr 4.2 > > > > Are you trying to use server SSL with glassfish? > > > > can you please post the full stack trace so we can see where this error > is > > coming from. > > > > My best guess is that this is coming from the changes made in > > SOLR-4451 to use system defaults correctly when initializing HttpClient, > > which suggets that your problem is exactly what the error message says... > > > > "Keystore was tampered with, or password was incorrect" > > > > Is it possible that the default keystore password for your JVM (or as > > overridden by glassfish defaults - possibly using the > > "javax.net.ssl.keyStore" sysprop) has a password set on it? If so you > > need to confiure your JVM with the standard java system properties to > > specify what that password is. > > > > > > > http://mail-archives.apache.org/mod_mbox/lucene-solr-user/201303.mbox/%3c1364232676233-4051159.p...@n3.nabble.com%3E > > > > : 2013-04-09 10:45:06,144 [main] ERROR > > : org.apache.solr.servlet.SolrDispatchFilter - Could not start Solr. > Check > > solr/home property and the logs > > : 2013-04-09 10:45:06,224 [main] ERROR > > : org.apache.solr.core.SolrCore - > > : null:org.apache.http.conn.ssl.SSLInitializationException: Failure > > : initializing default system SSL context > > : Caused by: java.io.IOException: Keystore was tampered with, or > > password was incorrect > > : at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) > > : at > > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) > > : at java.security.KeyStore.load(KeyStore.java:1214) > > : at > > : > > > org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:281) > > : at > > > org.apache.http.conn.ssl.SSLSocketFactory.createSystemSSLContext(SSLSocketFactory.java:366) > > : ... 50 more > > : Caused by: java.security.UnrecoverableKeyException: Password > > verification failed > > : at > > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) > > > > -Hoss > >
