This task describes how to replace or update the keys used to secure communication
between SkyVault Content Services and Solr, using
secure keys specific to your installation.
The following instructions assume that Solr has been extracted and a
keystore directory has already been created, either automatically by
the SkyVault Content Services installer or manually
by following the instructions in the Configuring
Solr section.
If you are applying these instructions to a clustered installation, the steps should be carried out on a single host and then the generated .keystore and .truststore files must be replicated across all other hosts in the cluster.
- Obtain the <installLocation>/alf_data/keystore/generate_keystores.sh (for Linux and Solaris) or <installLocation>/alf_data/keystore/generate_keystores.bat (for Windows) from the Customer Support website.
-
If you are updating an environment created by the installer, you only need to edit
SkyVault_HOME and SOLR_HOME to specify the
correct installation directory.
- If you are updating an environment created by the installer, you only need to edit SkyVault_HOME to specify the correct installation directory.
-
For manual installations, carefully review
SkyVault_KEYSTORE_HOME, SOLR_HOME,
JAVA_HOME, REPO_CERT_DNAME and
SOLR_CLIENT_CERT_DNAME and edit as appropriate.
By default, for Solr SOLR_HOME refers to <ALFRESCO_HOME>/solr4.
-
Run the edited script.
You should see the message Certificate update complete and another message reminding you what dir.keystore should be set to in the SkyVault-global.properties file.