Changes between Version 30 and Version 31 of ESGFNodeTutorial

Timestamp:

Jul 10, 2017 5:34:15 PM (5 years ago)

Author:

zequi

Comment:

--

ESGFNodeTutorial

@@ -469 +469 @@
 You should own your certificate file (hostcert.crt) and your private key (hostkey.key). Your /etc/httpd/conf/esgf-httpd.conf must reference your certificate and key:
 
-    228         SSLVerifyClient optional
-    229         SSLVerifyDepth  10
-    230         SSLCertificateFile /etc/certs/hostcert.crt
-    231         #SSLCACertificateFile /etc/certs/esgf-ca-bundle.crt
-    232         SSLCertificateKeyFile /etc/certs/hostkey.key
-    233         #SSLCertificateChainFile /etc/certs/cachain.pem
-    234         SSLOptions +StdEnvVars +ExportCertData
+228         SSLVerifyClient optional
+
+229         SSLVerifyDepth  10
+
+230         SSLCertificateFile /etc/certs/hostcert.crt
+
+231         #SSLCACertificateFile /etc/certs/esgf-ca-bundle.crt
+
+232         SSLCertificateKeyFile /etc/certs/hostkey.key
+
+233         #SSLCertificateChainFile /etc/certs/cachain.pem
+
+234         SSLOptions +StdEnvVars +ExportCertData
 
 Then you have to import your certificate and your key into your tomcat keystore (located in /esg/config/tomcat/ and named esg-truststore.ts and keystore-tomcat). They are configurated in /usr/local/tomcat/conf/server.xml.
@@ -482 +488 @@
 
 2. Execute `# openssl pkcs12 -export -in /etc/certs/hostcert.crt -inkey /etc/certs/hostkey.key -out server.p12 -name my-esgf-node -CAfile /etc/certs/hostcert.crt -caname root` and `keytool -importkeystore -deststorepass PASSWORD -destkeypass PASSWORD -destkeystore keystore-tomcat -srckeystore server.p12 -srcstoretype PKCS12 -srcstorepass PASSWORD -alias my-esgf-node`
+
+4. Ensure it has been correctly installed with `keytool -v -list -keystore keystore-tomcat`.
 
 3. Restart the node: `esg-node restart`