Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
75:install [2020/06/08 08:09] – [(Optional) Secure MySQL connection with SSL] alz75:install [2020/07/17 15:59] emr
Line 94: Line 94:
  
 <code> <code>
-$JAVA_HOME/bin/keytool -importcert -alias MySQLCACert -file ca.pem -keystore truststore -storepass mypassword+$JAVA_HOME/bin/keytool -importcert -alias MySQLCACert -file ca.pem -keystore truststore.jks -storepass mypassword
  
 </code> </code>
Line 101: Line 101:
  
 <code> <code>
-&clientCertificateKeyStoreUrl=file:/opt/stages/conf/truststore&useSSL=true&clientCertificateKeyStorePassword=mypassword+&clientCertificateKeyStoreUrl=file:/opt/stages/conf/truststore.jks&useSSL=true&clientCertificateKeyStorePassword=mypassword
  
 </code> </code>
Line 111: Line 111:
  
 </code> </code>
- 
  
 ===== Configure Virus Scanner ===== ===== Configure Virus Scanner =====
Line 196: Line 195:
  
   * Ask for a DNS alias for the server, e.g. "stages.company.com"   * Ask for a DNS alias for the server, e.g. "stages.company.com"
-  * Ask for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see [[https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm|https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm]] for more info).+  * Ask for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see [[https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm|https://www.digicert.com/csr-ssl-installation/tomcat-keytool.htm]] for more info). If you are seeing "Invalid Certificate" errors in Chrome or Edge, add the "-ext SAN=dns:stages.yourcompany.com" argument to the keytool command and replace stages.yourcompany.com with the offical alias you use for accessing Stages.
   * Import the SSL certificate into a keystore (see link above for more info)   * Import the SSL certificate into a keystore (see link above for more info)
   * Configure Tomcat to use this SSL certificate (see link above for more info). The relevant Tomcat config file is located in ''conf/server.xml''  and the SSL info needs to be configured for each ''<Connector>''  section. After updating the config file, run ''bin/update.sh''  or ''bin\update.bat''  to install it at the correct location.   * Configure Tomcat to use this SSL certificate (see link above for more info). The relevant Tomcat config file is located in ''conf/server.xml''  and the SSL info needs to be configured for each ''<Connector>''  section. After updating the config file, run ''bin/update.sh''  or ''bin\update.bat''  to install it at the correct location.