AnsweredAssumed Answered

alfresco and solr without SSL

Question asked by sws on Mar 17, 2015
Latest reply on Mar 24, 2015 by openpj
Hi,

I configured an alfresco instance on a virtual server with an existing tomcat7 running behind an apache2 via ajp-connector. SSL is dealt with by apache2.

I configured Solr4 and alfresco to connect to each other without SSL as described in http://docs.alfresco.com/5.0/tasks/running-without-ssl.html.

But alfresco stil demands a keystore file. See log:


ERROR [quartz.core.JobRunShell] [SolrTrackerScheduler_Worker-1] Job Solr.CoreWatcher threw an unhandled Exception:
org.alfresco.error.AlfrescoRuntimeException: 02170125 Failed to initialize keystore:
   Location: ssl.repo.client.keystore
   Provider:
   Type:     JCEKS
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.loadKeyStore(AlfrescoKeyStoreImpl.java:566)
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.safeInit(AlfrescoKeyStoreImpl.java:537)
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.<init>(AlfrescoKeyStoreImpl.java:114)
   at org.alfresco.httpclient.HttpClientFactory.init(HttpClientFactory.java:149)
   at org.alfresco.httpclient.HttpClientFactory.<init>(HttpClientFactory.java:144)
   at org.alfresco.solr.client.SOLRAPIClientFactory.getRepoClient(SOLRAPIClientFactory.java:173)
   at org.alfresco.solr.client.SOLRAPIClientFactory.getSOLRAPIClient(SOLRAPIClientFactory.java:156)
   at org.alfresco.solr.tracker.CoreWatcherJob.registerForCore(CoreWatcherJob.java:105)
   at org.alfresco.solr.tracker.CoreWatcherJob.execute(CoreWatcherJob.java:74)
   at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
   at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: org.alfresco.error.AlfrescoRuntimeException: 02170124 Unable to load key store: ssl.repo.client.keystore
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.loadKeyStore(AlfrescoKeyStoreImpl.java:513)
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.loadKeyStore(AlfrescoKeyStoreImpl.java:561)
   … 10 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
   at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:867)
   at java.security.KeyStore.load(KeyStore.java:1214)
   at org.alfresco.encryption.AlfrescoKeyStoreImpl.loadKeyStore(AlfrescoKeyStoreImpl.java:496)
   … 11 more


In server.xml of tomcat7 the connector with port 8443 is commented out so there are only connectors for 8080 and ajp connector. So solr4 and alfresco should only connect through port 8080.
All keystores were emptied by keytool commands. Alfresco should not ask for any keystore. Nor should solr4.

How can I get solr4 and alfresco really run without SSL?

Regards,
Sebastian

Outcomes