You are here

Generating secure keys for Solr communication

This task describes how to replace or update the keys used to secure communication between Alfresco Content Services and Alfresco Search Services, using secure keys specific to your installation.
The following instructions assume that Search Services has been extracted, and a keystore directory has already been created manually, by following the instructions in Configuring Search Services using Admin Console.

If you're applying these instructions to a clustered installation, the steps should be carried out on a single host, and then the generated .keystore and .truststore files must be replicated across all other hosts in the cluster.

  1. Obtain the <installLocation>/alf_data/keystore/generate_keystores.sh (for Linux and Solaris) or <installLocation>/alf_data/keystore/generate_keystores.bat (for Windows) from the Customer Support website.
  2. If you're updating an environment created by the installer, you only need to edit ALFRESCO_HOME and SOLR_HOME to specify the correct installation directory.
    1. If you're updating an environment created by the installer, you only need to edit ALFRESCO_HOME to specify the correct installation directory.
    2. For manual installations, carefully review ALFRESCO_KEYSTORE_HOME, SOLR_HOME, JAVA_HOME, REPO_CERT_DNAME and SOLR_CLIENT_CERT_DNAME and edit as appropriate.

      By default, for Search Services SOLR_HOME refers to <ALFRESCO_HOME>/alfresco-search-services/solrhome.

  3. Run the edited script.

    You should see the message Certificate update complete and another message reminding you what dir.keystore should be set to in the alfresco-global.properties file.

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.