Uploaded image for project: 'Alfresco One Platform'
  1. Alfresco One Platform
  2. ACE-5648

SOLR 6 - Start up scripts do not set SSL properties correctly

    Details

      Description

      The script shipped with SOLR does not use late binding in the function that wires up SSL

      In <solr6>/solr/bin/solr.cmd change the use of %....% to !....! for !SOLR_SSL_OPTS!

      REM Select HTTP OR HTTPS related configurations
      set SOLR_URL_SCHEME=http
      set "SOLR_JETTY_CONFIG=--module=http"
      set SOLR_SSL_OPTS=
      IF DEFINED SOLR_SSL_KEY_STORE (
        set SOLR_JETTY_CONFIG="--module=https"
        set SOLR_URL_SCHEME=https
        set "SCRIPT_ERROR=Solr server directory %SOLR_SERVER_DIR% not found"
        set "SOLR_SSL_OPTS=-Dsolr.jetty.keystore=%SOLR_SSL_KEY_STORE% -Dsolr.jetty.keystore.password=%SOLR_SSL_KEY_STORE_PASSWORD% -Dsolr.jetty.truststore=%SOLR_SSL_TRUST_STORE% -Dsolr.jetty.truststore.password=%SOLR_SSL_TRUST_STORE_PASSWORD% -Dsolr.jetty.ssl.needClientAuth=%SOLR_SSL_NEED_CLIENT_AUTH% -Dsolr.jetty.ssl.wantClientAuth=%SOLR_SSL_WANT_CLIENT_AUTH%"
        IF DEFINED SOLR_SSL_CLIENT_KEY_STORE  (
          set "SOLR_SSL_OPTS=!SOLR_SSL_OPTS! -Djavax.net.ssl.keyStore=%SOLR_SSL_CLIENT_KEY_STORE% -Djavax.net.ssl.keyStorePassword=%SOLR_SSL_CLIENT_KEY_STORE_PASSWORD% -Djavax.net.ssl.trustStore=%SOLR_SSL_CLIENT_TRUST_STORE% -Djavax.net.ssl.trustStorePassword=%SOLR_SSL_CLIENT_TRUST_STORE_PASSWORD%"
        ) ELSE (
          set "SOLR_SSL_OPTS=!SOLR_SSL_OPTS! -Djavax.net.ssl.keyStore=%SOLR_SSL_KEY_STORE% -Djavax.net.ssl.keyStorePassword=%SOLR_SSL_KEY_STORE_PASSWORD% -Djavax.net.ssl.trustStore=%SOLR_SSL_TRUST_STORE% -Djavax.net.ssl.trustStorePassword=%SOLR_SSL_TRUST_STORE_PASSWORD%"
        )
      ) ELSE (
        set SOLR_SSL_OPTS=
      )
      

      Minor - the defaults are OK but should work .....
      In <solr6>/solr/server/etc/jetty-ssl.xml fix case to all lower case as below:

        <Set name="NeedClientAuth"><Property name="solr.jetty.ssl.needclientauth" default="true"/></Set>
        <Set name="WantClientAuth"><Property name="solr.jetty.ssl.wantclientauth" default="false"/></Set>
      

        Attachments

          Issue Links

            Structure

              Activity

                People

                • Assignee:
                  closedissues Closed Issues
                  Reporter:
                  ahind Andrew Hind [X] (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Structure Helper Panel