Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
75:install [2020/05/28 17:53] – emr | 75:install [2020/07/17 15:59] – emr |
---|
| |
<code> | <code> |
$JAVA_HOME/bin/keytool -importcert -alias MySQLCACert -file ca.pem -keystore truststore -storepass mypassword | $JAVA_HOME/bin/keytool -importcert -alias MySQLCACert -file ca.pem -keystore truststore.jks -storepass mypassword |
| |
</code> | </code> |
| |
<code> | <code> |
&clientCertificateKeyStoreUrl=file:/opt/stages/conf/truststore&&useSSL=trueclientCertificateKeyStorePassword=mypassword | &clientCertificateKeyStoreUrl=file:/opt/stages/conf/truststore.jks&useSSL=true&clientCertificateKeyStorePassword=mypassword |
| |
</code> | </code> |
| |
* Ask for a DNS alias for the server, e.g. "stages.company.com" | * Ask for a DNS alias for the server, e.g. "stages.company.com" |
* Ask for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see [[https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm|https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm]] for more info). | * Ask for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see [[https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm|https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm]] for more info). If you are seeing "Invalid Certificate" errors in Chrome or Edge, add the "-ext SAN=dns:stages.yourcompany.com" argument to the keytool command and replace stages.yourcompany.com with the offical alias you use for accessing Stages. |
* Import the SSL certificate into a keystore (see link above for more info) | * Import the SSL certificate into a keystore (see link above for more info) |
* Configure Tomcat to use this SSL certificate (see link above for more info). The relevant Tomcat config file is located in ''conf/server.xml'' and the SSL info needs to be configured for each ''<Connector>'' section. After updating the config file, run ''bin/update.sh'' or ''bin\update.bat'' to install it at the correct location. | * Configure Tomcat to use this SSL certificate (see link above for more info). The relevant Tomcat config file is located in ''conf/server.xml'' and the SSL info needs to be configured for each ''<Connector>'' section. After updating the config file, run ''bin/update.sh'' or ''bin\update.bat'' to install it at the correct location. |