You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@solr.apache.org by Sri V <sr...@gmail.com> on 2022/04/26 10:50:33 UTC

solr ssl issue in aws ec2

Hi,



I am using solr version 8.11.1 installed in aws linux ec2. I tried the SSL
configuration as per the steps mentioned in solr documentation for the same
version. But it was not working in https. Still it works in http only. The
following are the details,

The installation directory is

/opt/solr

the ssl file is created using keytool command and converted to pem format
which is placed in the directory

/opt/solr/server/etc

the solr.in.sh file is placed in the directory

/opt/solr/bin



and the content in the solr.in.sh file is as follows

SOLR_SSL_ENABLED=true
 # Uncomment to set SSL-related system properties
 # Be sure to update the paths to the correct keystore for your environment
SOLR_SSL_KEY_STORE=etc/cert.pem
SOLR_SSL_KEY_STORE_PASSWORD=keysecret

SOLR_SSL_TRUST_STORE=etc/cert.pem
SOLR_SSL_TRUST_STORE_PASSWORD=keysecret
 # Require clients to authenticate
SOLR_SSL_NEED_CLIENT_AUTH=false
 # Enable clients to authenticate (but not require)
SOLR_SSL_WANT_CLIENT_AUTH=false
 # SSL Certificates contain host/ip "peer name" information that is
validated by default. Setting
 # this to false can be useful to disable these checks when re-using a
certificate on many hosts
SOLR_SSL_CHECK_PEER_NAME=true

With the above information, pls advise why ssl is not working for me.


Thanks,
Sree.

Re: solr ssl issue in aws ec2

Posted by Jan Høydahl <ja...@cominvent.com>.

Hi,

Assuming you installed Solr manually using the bin/install_solr_service.sh script, then the correct location of your solr.in.sh is /etc/default/solr.in.sh

If you start solr manually from /opt/solr/bin folder, then the solr.in.sh in that folder will be used, and you should see some hints in solr.log that SSL is being activated.

If you need more help, please include relevant error messages.

Jan

> 26. apr. 2022 kl. 12:50 skrev Sri V <sr...@gmail.com>:
> 
> Hi,
> 
> 
> 
> I am using solr version 8.11.1 installed in aws linux ec2. I tried the SSL
> configuration as per the steps mentioned in solr documentation for the same
> version. But it was not working in https. Still it works in http only. The
> following are the details,
> 
> The installation directory is
> 
> /opt/solr
> 
> the ssl file is created using keytool command and converted to pem format
> which is placed in the directory
> 
> /opt/solr/server/etc
> 
> the solr.in.sh file is placed in the directory
> 
> /opt/solr/bin
> 
> 
> 
> and the content in the solr.in.sh file is as follows
> 
> SOLR_SSL_ENABLED=true
> # Uncomment to set SSL-related system properties
> # Be sure to update the paths to the correct keystore for your environment
> SOLR_SSL_KEY_STORE=etc/cert.pem
> SOLR_SSL_KEY_STORE_PASSWORD=keysecret
> 
> SOLR_SSL_TRUST_STORE=etc/cert.pem
> SOLR_SSL_TRUST_STORE_PASSWORD=keysecret
> # Require clients to authenticate
> SOLR_SSL_NEED_CLIENT_AUTH=false
> # Enable clients to authenticate (but not require)
> SOLR_SSL_WANT_CLIENT_AUTH=false
> # SSL Certificates contain host/ip "peer name" information that is
> validated by default. Setting
> # this to false can be useful to disable these checks when re-using a
> certificate on many hosts
> SOLR_SSL_CHECK_PEER_NAME=true
> 
> With the above information, pls advise why ssl is not working for me.
> 
> 
> Thanks,
> Sree.