You are here

Generating secure keys for Solr communication

This task describes how to replace or update the keys used to secure communication between Alfresco Content Services and Solr, using secure keys specific to your installation.
The following instructions assume that Solr has been extracted and a keystore directory has already been created, either automatically by the Alfresco Content Services installer or manually by following the instructions in the Configuring Solr section.

If you are applying these instructions to a clustered installation, the steps should be carried out on a single host, and then the generated .keystore and .truststore files must be replicated across all other hosts in the cluster.

  1. Download the relevant script from the Customer Support website, or from the following location in the extracted distribution zip content:

    <installLocation>/alf_data/keystore/ (for Linux and Solaris)

    <installLocation>/alf_data/keystore/generate_keystores.bat (for Windows)

  2. Check the following directories for your environment.
    1. If you are updating an environment created by the installer, you only need to edit ALFRESCO_HOME and SOLR_HOME to specify the correct installation directory.
    2. For manual installations, carefully review ALFRESCO_KEYSTORE_HOME, SOLR_HOME, JAVA_HOME, REPO_CERT_DNAME and SOLR_CLIENT_CERT_DNAME and edit as appropriate.

      By default, for Solr SOLR_HOME refers to <ALFRESCO_HOME>/solr4.

  3. Run the edited script to generate your certificates.

    You should see the message Certificate update complete and another message reminding you what dir.keystore should be set to in the file.

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.