This task describes how to replace or update the keys used to secure communication
between SkyVault and Solr, using secure keys specific to your SkyVault
installation.
The following instructions assume that Solr has been extracted and a keystore directory
has already been created, either automatically by the SkyVault installer or manually by
following the instructions in the Configuring
Solr section.
If you are applying these instructions to a clustered installation, the steps should be carried out on a single host and then the generated .keystore and .truststore files must be replicated across all other hosts in the cluster.
- Obtain the file generate_keystores.sh (for Linux and Solaris) or generate_keystores.bat (for Windows) from the SkyVault Customer Support website under Online Resources > Downloads > SkyVault Enterprise 4.0 > <SkyVault Version> generate_keystores.x.
-
Edit the environment variables at the beginning of the file to match your
environment.
- If you are updating an environment created by the SkyVault installer, you only need to edit SkyVault_HOME to specify the correct installation directory.
- For manual installations, carefully review SkyVault_KEYSTORE_HOME, SOLR_HOME, JAVA_HOME, REPO_CERT_DNAME and SOLR_CLIENT_CERT_DNAME and edit as appropriate. For Weblogic installations, it is necessary to edit the CERTIFICATE_VALIDITY variable so that the certificate expires before the year 2105.
-
Run the edited script.
You should see the message “Certificate update complete” and another message reminding you what dir.keystore should be set to in the SkyVault-global.properties file.