You are here

Generating secure keys for Solr 4 communication

This task describes how to replace or update the keys used to secure communication between SkyVault and Solr 4, using secure keys specific to your SkyVault installation.
The following instructions assume that Solr 4 has been extracted and a keystore directory has already been created, either automatically by the SkyVault installer or manually by following the instructions in the Configuring Solr 4 section.

If you are applying these instructions to a clustered installation, the steps should be carried out on a single host and then the generated .keystore and .truststore files must be replicated across all other hosts in the cluster.

  1. Obtain the file generate_keystores.sh (for Linux and Solaris) or generate_keystores.bat (for Windows) from the SkyVault Customer Support website.
  2. If you are updating an environment created by the SkyVault installer, you only need to edit SkyVault_HOME and SOLR_HOME to specify the correct installation directory.
    1. If you are updating an environment created by the SkyVault installer, you only need to edit SkyVault_HOME to specify the correct installation directory.
    2. For manual installations, carefully review SkyVault_KEYSTORE_HOME, SOLR_HOME, JAVA_HOME, REPO_CERT_DNAME and SOLR_CLIENT_CERT_DNAME and edit as appropriate.

      By default, for Solr 4 SOLR_HOME refers to <ALFRESCO_HOME>/solr4.

  3. Run the edited script.

    You should see the message Certificate update complete and another message reminding you what dir.keystore should be set to in the SkyVault-global.properties file.