Search Services fails to initialize keystore

Mei
Member II

I'm trying to install Alfresco Search Services by following this guide. I've generated secure keys for SSL communication with the ssl-generator tool and then moved them to solrhome/keystore.

Then I've made configurations in:

solrhome/templates/rerank/conf/solrcore.properties:

# solrcore.properties - used in solrconfig.xml
#

enable.alfresco.tracking=true

#
#These are replaced by the admin handler
#
#data.dir.root=DATA_DIR
#data.dir.store=workspace/SpacesStore
#alfresco.stores=workspace://SpacesStore

#
# Properties loaded during alfresco tracking
#

alfresco.host=localhost
alfresco.port=8080
alfresco.port.ssl=8443
alfresco.baseUrl=/alfresco

#alfresco.index.transformContent=false
#alfresco.ignore.datatype.1=d:content
alfresco.lag=1000
alfresco.hole.retention=3600000
# alfresco.hole.check.after is not used yet
# It will reduce the hole checking load
alfresco.hole.check.after=300000
alfresco.batch.count=5000
alfresco.recordUnindexedNodes=false

# encryption

# none, https
alfresco.secureComms=https

# ssl, default values
# keystore and trustore files are not provided by default
alfresco.encryption.ssl.keystore.type=JCEKS
alfresco.encryption.ssl.keystore.location=/opt/alfresco-community-201911/alfresco-search-services/solrhome/keystore/ssl-repo-client.keystore
alfresco.encryption.ssl.keystore.passwordFileLocation=
alfresco.encryption.ssl.truststore.type=JCEKS
alfresco.encryption.ssl.truststore.provider=
alfresco.encryption.ssl.truststore.location=/opt/alfresco-community-201911/alfresco-search-services/solrhome/keystore/ssl-repo-client.truststore
alfresco.encryption.ssl.truststore.passwordFileLocation=

# Default Tracker
alfresco.cron=0/10 * * * * ? *
alfresco.corePoolSize=8
alfresco.maximumPoolSize=-1
alfresco.keepAliveTime=120
alfresco.threadPriority=5
alfresco.threadDaemon=true
alfresco.workQueueSize=-1
alfresco.commitInterval=2000
alfresco.newSearcherInterval=3000
#ACL tracker configuration
#alfresco.acl.tracker.cron=
#alfresco.acl.tracker.corePoolSize=
#alfresco.acl.tracker.maximumPoolSize=
#alfresco.acl.tracker.keepAliveTime=
#alfresco.acl.tracker.threadPriority=
#alfresco.acl.tracker.threadDaemon=
#alfresco.acl.tracker.workQueueSize=
#Content tracker config
#alfresco.content.tracker.cron=
#alfresco.content.tracker.corePoolSize=
#alfresco.content.tracker.maximumPoolSize=
#alfresco.content.tracker.keepAliveTime=
#alfresco.content.tracker.threadPriority=
#alfresco.content.tracker.threadDaemon=
#alfresco.content.tracker.workQueueSize=
#Metadata tracker config
#alfresco.metadata.tracker.cron=
#alfresco.metadata.tracker.corePoolSize=
#alfresco.metadata.tracker.maximumPoolSize=
#alfresco.metadata.tracker.keepAliveTime=
#alfresco.metadata.tracker.threadPriority=
#alfresco.metadata.tracker.threadDaemon=
#alfresco.metadata.tracker.workQueueSize=



# HTTP Client

alfresco.maxTotalConnections=200
alfresco.maxHostConnections=200
alfresco.socketTimeout=360000

# SOLR caching

solr.filterCache.size=256
solr.filterCache.initialSize=128
solr.queryResultCache.size=1024
solr.queryResultCache.initialSize=1024
solr.documentCache.size=1024
solr.documentCache.initialSize=1024
solr.queryResultMaxDocsCached=2048

solr.authorityCache.size=128
solr.authorityCache.initialSize=64
solr.pathCache.size=256
solr.pathCache.initialSize=128

solr.ownerCache.size=128
solr.ownerCache.initialSize=64

solr.readerCache.size=128
solr.readerCache.initialSize=64

solr.deniedCache.size=128
solr.deniedCache.initialSize=64

# SOLR

solr.maxBooleanClauses=10000

# Batch fetch

alfresco.transactionDocsBatchSize=500
alfresco.nodeBatchSize=100
alfresco.changeSetAclsBatchSize=500
alfresco.aclBatchSize=100
alfresco.contentReadBatchSize=100
alfresco.contentUpdateBatchSize=1000

# Warming

solr.filterCache.autowarmCount=32
solr.authorityCache.autowarmCount=4
solr.pathCache.autowarmCount=32
solr.deniedCache.autowarmCount=0
solr.readerCache.autowarmCount=0
solr.ownerCache.autowarmCount=0
solr.queryResultCache.autowarmCount=4
solr.documentCache.autowarmCount=512

solr.queryResultWindowSize=512


#
# TODO
#
# cross language support
# locale expansion
# logging check report ....
#
#


alfresco.doPermissionChecks=true

# Evaluate permissions as a PostFilter. Setting this to false will evaluate permissions as a Query.

alfresco.postfilter=true

#
# Metadata pulling control
#
alfresco.metadata.skipDescendantDocsForSpecificTypes=false
alfresco.metadata.ignore.datatype.0=cm:person
alfresco.metadata.ignore.datatype.1=app:configurations
alfresco.metadata.skipDescendantDocsForSpecificAspects=false
#alfresco.metadata.ignore.aspect.0=

alfresco.topTermSpanRewriteLimit=1000

#
# Suggestions
#
solr.suggester.enabled=true
# -1 to disable suggester build throttling
solr.suggester.minSecsBetweenBuilds=3600

#
# Limit the maximum text size of transformed content sent to the index - in bytes
#
alfresco.contentStreamLimit=10000000
#Shard setup
shard.method=DB_ID
#END of solrcore

alfresco-search-services/solr.in.sh:

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Settings here will override settings in existing env vars or in bin/solr.  The default shipped state
# of this file is completely commented.

# By default the script will use JAVA_HOME to determine which java
# to use, but you can set a specific path for Solr to use without
# affecting other Java applications on your server/workstation.
#SOLR_JAVA_HOME=""

# This controls the number of seconds that the solr script will wait for
# Solr to stop gracefully or Solr to start.  If the graceful stop fails,
# the script will forcibly stop Solr.  If the start fails, the script will
# give up waiting and display the last few lines of the logfile.
#SOLR_STOP_WAIT="180"

# Increase Java Heap as needed to support your indexing / query needs
#SOLR_HEAP="512m"

# Expert: If you want finer control over memory options, specify them directly
# Comment out SOLR_HEAP if you are using this though, that takes precedence
SOLR_JAVA_MEM="-Xms1g -Xmx1g"

# Enable verbose GC logging...
#  * If this is unset, various default options will be selected depending on which JVM version is in use
#  * For Java 8: if this is set, additional params will be added to specify the log file & rotation
#  * For Java 9 or higher: each included opt param that starts with '-Xlog:gc', but does not include an
#    output specifier, will have a 'file' output specifier (as well as formatting & rollover options)
#    appended, using the effective value of the SOLR_LOGS_DIR.
#
#GC_LOG_OPTS='-Xlog:gc*'  # (Java 9+)
#GC_LOG_OPTS="-verbose:gc -XX:+PrintHeapAtGC -XX:+PrintGCDetails \
#  -XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime"

# These GC settings have shown to work well for a number of common Solr workloads
#GC_TUNE="-XX:NewRatio=3 -XX:SurvivorRatio=4    etc.

# Set the ZooKeeper connection string if using an external ZooKeeper ensemble
# e.g. host1:2181,host2:2181/chroot
# Leave empty if not using SolrCloud
#ZK_HOST=""

# Set the ZooKeeper client timeout (for SolrCloud mode)
#ZK_CLIENT_TIMEOUT="15000"

# By default the start script uses "localhost"; override the hostname here
# for production SolrCloud environments to control the hostname exposed to cluster state
#SOLR_HOST="192.168.1.1"

# By default the start script uses UTC; override the timezone if needed
#SOLR_TIMEZONE="UTC"

# Set to true to activate the JMX RMI connector to allow remote JMX client applications
# to monitor the JVM hosting Solr; set to "false" to disable that behavior
# (false is recommended in production environments)
#ENABLE_REMOTE_JMX_OPTS="false"

# The script will use SOLR_PORT+10000 for the RMI_PORT or you can set it here
# RMI_PORT=18983

# Alfresco configuration. This file is automatically included by solr. You can define your custom settings here
SOLR_OPTS="$SOLR_OPTS -Dsolr.jetty.request.header.size=1000000 -Dsolr.jetty.threads.stop.timeout=300000 -Ddisable.configEdit=true"

# Anything you add to the SOLR_OPTS variable will be included in the java
# start command line as-is, in ADDITION to other options. If you specify the
# -a option on start script, those options will be appended as well. Examples:
#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000"
#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=60000"
#SOLR_OPTS="$SOLR_OPTS -Dsolr.clustering.enabled=true"

# Location where the bin/solr script will save PID files for running instances
# If not set, the script will create PID files in $SOLR_TIP/bin
#SOLR_PID_DIR=

# Path to a directory for Solr to store cores and their data. By default, Solr will use server/solr
# If solr.xml is not stored in ZooKeeper, this directory needs to contain solr.xml
#SOLR_HOME=

# Solr provides a default Log4J configuration properties file in server/resources
# however, you may want to customize the log settings and file appender location
# so you can point the script to use a different log4j.properties file
#LOG4J_PROPS=/var/solr/log4j.properties

# Changes the logging level. Valid values: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF. Default is INFO
# This is an alternative to changing the rootLogger in log4j.properties
#SOLR_LOG_LEVEL=INFO

# Location where Solr should write logs to. Absolute or relative to solr start dir
SOLR_LOGS_DIR=../../logs
LOG4J_PROPS=$SOLR_LOGS_DIR/log4j.properties

# Enables log rotation, cleanup, and archiving during start. Setting SOLR_LOG_PRESTART_ROTATION=false will skip start
# time rotation of logs, and the archiving of the last GC and console log files. It does not affect Log4j configuration.
# This pre-startup rotation may need to be disabled depending how much you customize the default logging setup.
#SOLR_LOG_PRESTART_ROTATION=true

# Sets the port Solr binds to, default is 8983
#SOLR_PORT=8983

# Uncomment to set SSL-related system properties
# Be sure to update the paths to the correct keystore for your environment
SOLR_SSL_KEY_STORE=/opt/alfresco-community-201911/alfresco-search-services/solrhome/keystore/ssl-repo-client.keystore
SOLR_SSL_KEY_STORE_PASSWORD=keystore
SOLR_SSL_KEY_STORE_TYPE=JCEKS
SOLR_SSL_TRUST_STORE=/opt/alfresco-community-201911/alfresco-search-services/solrhome/keystore/ssl-repo-client.truststore
SOLR_SSL_TRUST_STORE_PASSWORD=truststore
SOLR_SSL_TRUST_STORE_TYPE=JCEKS
SOLR_SSL_NEED_CLIENT_AUTH=true
SOLR_SSL_WANT_CLIENT_AUTH=false

# Uncomment if you want to override previously defined SSL values for HTTP client
# otherwise keep them commented and the above values will automatically be set for HTTP clients
#SOLR_SSL_CLIENT_KEY_STORE=
#SOLR_SSL_CLIENT_KEY_STORE_PASSWORD=
#SOLR_SSL_CLIENT_KEY_STORE_TYPE=
#SOLR_SSL_CLIENT_TRUST_STORE=
#SOLR_SSL_CLIENT_TRUST_STORE_PASSWORD=
#SOLR_SSL_CLIENT_TRUST_STORE_TYPE=

# Settings for authentication
# Please configure only one of SOLR_AUTHENTICATION_CLIENT_CONFIGURER or SOLR_AUTH_TYPE parameters
#SOLR_AUTHENTICATION_CLIENT_CONFIGURER="org.apache.solr.client.solrj.impl.PreemptiveBasicAuthConfigurer"
#SOLR_AUTH_TYPE="basic"
#SOLR_AUTHENTICATION_OPTS="-Dbasicauth=solr:SolrRocks"

# Settings for ZK ACL
#SOLR_ZK_CREDS_AND_ACLS="-DzkACLProvider=org.apache.solr.common.cloud.VMParamsAllAndReadonlyDigestZkACLProvider \
#  -DzkCredentialsProvider=org.apache.solr.common.cloud.VMParamsSingleSetCredentialsDigestZkCredentialsProvider \
#  -DzkDigestUsername=admin-user -DzkDigestPassword=CHANGEME-ADMIN-PASSWORD \
#  -DzkDigestReadonlyUsername=readonly-user -DzkDigestReadonlyPassword=CHANGEME-READONLY-PASSWORD"
#SOLR_OPTS="$SOLR_OPTS $SOLR_ZK_CREDS_AND_ACLS"

The command I use to run new instance:

./solr start -a "-Dcreate.alfresco.defaults=alfresco,archive -Dsolr.ssl.checkPeerName=false -Dsolr.allow.unsafe.resourceloading=true -Dssl-keystore.password=keystore -Dssl-keystore.aliases=ssl-alfresco-ca,ssl-repo-client -Dssl-keystore.ssl-alfresco-ca.password=keystore -Dssl-keystore.ssl-repo-client.password=keystore -Dssl-truststore.password=truststore -Dssl-truststore.aliases=ssl-alfresco-ca,ssl-repo,ssl-repo-client -Dssl-truststore.ssl-alfresco-ca.password=truststore -Dssl-truststore.ssl-repo.password=truststore -Dssl-truststore.ssl-repo-client.password=truststore" -f -force

But I get this error:

[Image: error.png (error snippet)]

It basically says that the path I defined for the keystore points to a directory instead of a file, which makes no sense to me. I've tried moving the keystore file to other directories and using a configuration with some random path, but I always get this same error, so it seems that "alfresco.encryption.ssl.keystore.location" in "solrcore.properties" has no impact on this error.

I wonder if there is some wrong configuration in my files or some other problem, but I've double-checked every step from the guide and I'm stuck now. I will be very grateful for any help.
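
The post reports an error saying the keystore path resolves to a directory. As an added diagnostic (not part of the original post or of Alfresco's tooling), this shell function reports how each `alfresco.encryption.ssl.*` location value in a `solrcore.properties` file resolves on disk; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify every alfresco.encryption.ssl.* location value in a
# properties file as EMPTY, DIRECTORY, FILE, UNREADABLE or MISSING.
# check_store_paths and demo are hypothetical names, not Alfresco tooling.
check_store_paths() {
    props="$1"
    grep -E '^alfresco\.encryption\.ssl\.[A-Za-z.]*[Ll]ocation=' "$props" |
    while IFS='=' read -r key value; do
        # Drop a trailing CR in case the file was edited on Windows.
        value=$(printf '%s' "$value" | tr -d '\r')
        if [ -z "$value" ]; then
            state=EMPTY            # key is present but has no value
        elif [ -d "$value" ]; then
            state=DIRECTORY        # a store must be a regular file
        elif [ -f "$value" ]; then
            if [ -r "$value" ]; then state=FILE; else state=UNREADABLE; fi
        else
            state=MISSING
        fi
        printf '%s %s %s\n' "$state" "$key" "$value"
    done
}

# Constructed sample mirroring the shape of the posted configuration.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/keystore"
    : > "$tmp/keystore/ssl-repo-client.keystore"
    cat > "$tmp/solrcore.properties" <<EOF
alfresco.secureComms=https
alfresco.encryption.ssl.keystore.type=JCEKS
alfresco.encryption.ssl.keystore.location=$tmp/keystore/ssl-repo-client.keystore
alfresco.encryption.ssl.keystore.passwordFileLocation=
alfresco.encryption.ssl.truststore.location=$tmp/keystore
alfresco.encryption.ssl.truststore.passwordFileLocation=
EOF
    check_store_paths "$tmp/solrcore.properties"
    rm -rf "$tmp"
}

demo
```

Run it as the same OS user that starts Solr, so the readability result reflects what that process can actually open.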