You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@solr.apache.org by Anchal Sharma2 <an...@in.ibm.com> on 2022/05/23 11:54:30 UTC
Facing issue in enabling SSL on solr v8.11.1
Hi All ,
I enabled SSL over Solr version 8.11.1 using following steps(using solr official guide https://solr.apache.org/guide/8_11/enabling-ssl.html) , but getting error on browser . Please let know if any suggestions to resolve the issue .
1.creation of keystore
keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass secret -storepass secret -validity 9999 -keystore solr-ssl.keystore.p12 -storetype PKCS12 -ext SAN=DNS:localhost,IP:192.168.1.3,IP:127.0.0.1 -dname "CN=localhost, OU=Organizational Unit, O=Organization, L=Location, ST=State, C=Country"
2. Change in solr.in.sh
SOLR_SSL_KEY_STORE=/...pathto/solr-ssl.keystore.p12
SOLR_SSL_KEY_STORE_PASSWORD=******
SOLR_SSL_TRUST_STORE=/pathto/solr-ssl.keystore.p12
SOLR_SSL_TRUST_STORE_PASSWORD=******
# Require clients to authenticate
SOLR_SSL_NEED_CLIENT_AUTH=false
3. zookeeper configuration
server/scripts/cloud-scripts/zkcli.sh -zkhost server1:2181 -cmd clusterprop -name urlScheme -val https
4.restart of solr /zoo
ERROR ON BROWSER
An error occurred during connection to hostname:solrport. Cannot communicate securely with peer . No common encryption algorithm(s).
Error Code: SSL_ERROR_NO_CYPHER_OVERLAP
Thank you
Anchal Sharma
Re: Facing issue in enabling SSL on solr v8.11.1
Posted by Shawn Heisey <ap...@elyograg.org>.
On 5/23/2022 9:47 AM, Anchal Sharma2 wrote:
> ERROR ON BROWSER
> An error occurred during connection to hostname:solrport. Cannot communicate securely with peer . No common encryption algorithm(s).
> Error Code: SSL_ERROR_NO_CYPHER_OVERLAP
It means that the browser and the server (Jetty in this case) could not
agree on what TLS cipher to use.
Upgrading Java to the newest 8.x version or maybe the newest 11.x is
most likely the fix.
https://stackoverflow.com/a/42520741/2665648
I would recommend OpenJDK, due to changes in how Oracle licenses their Java.
Thanks,
Shawn
Facing issue in enabling SSL on solr v8.11.1
Posted by Anchal Sharma2 <an...@in.ibm.com>.
Hi All ,
I enabled SSL over Solr version 8.11.1 using following steps(using solr official guide https://solr.apache.org/guide/8_11/enabling-ssl.html ) , but getting error on browser . Please let know if any suggestions to resolve the issue .
1.creation of keystore
keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass secret -storepass secret -validity 9999 -keystore solr-ssl.keystore.p12 -storetype PKCS12 -ext SAN=DNS:localhost,IP:192.168.1.3,IP:127.0.0.1 -dname "CN=localhost, OU=Organizational Unit, O=Organization, L=Location, ST=State, C=Country"
2. Change in solr.in.sh
SOLR_SSL_KEY_STORE=/...pathto/solr-ssl.keystore.p12
SOLR_SSL_KEY_STORE_PASSWORD=******
SOLR_SSL_TRUST_STORE=/pathto/solr-ssl.keystore.p12
SOLR_SSL_TRUST_STORE_PASSWORD=******
# Require clients to authenticate
SOLR_SSL_NEED_CLIENT_AUTH=false
3. zookeeper configuration
server/scripts/cloud-scripts/zkcli.sh -zkhost server1:2181 -cmd clusterprop -name urlScheme -val https
4.restart of solr /zoo
ERROR ON BROWSER
An error occurred during connection to hostname:solrport. Cannot communicate securely with peer . No common encryption algorithm(s).
Error Code: SSL_ERROR_NO_CYPHER_OVERLAP
Thank you
Anchal Sharma