Reputation: 6943
Is it possible to use Solr with SSL and CA-Signed Certs
I'd like to use SSL with my Solr instance (in the cloud). The instructions here speak only to using a self-signed cert https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-CreateaSolrCloudcollectionusingbin/solr
But I'd rather not distribute around a keystore/truststore to each Solr node and my clients too.
Is there a way I can use CA-signed certs with Solr?
Upvotes: 2
Views: 3249
Answers (2)
Reputation: 558
Convert your CA cert into .PFX and place it in etc folder and update config as below -
set SOLR_SSL_KEY_STORE=etc/<certfilename>.pfx
set SOLR_SSL_KEY_STORE_TYPE=PKCS12
Upvotes: 1
Reputation: 49462
The Java truststore and keystore files are the same regardless if its self-signed or CA-signed certificates.
Using the instructions from your CA, import the appropriate certificates to the truststore and keystore that Solr will use, and then configure your Solr to point to your new truststore/keystore files (and required passwords to access the certificates).
In other words, follow the instructions you linked, just skip the first step (Generate a self-signed certificate and a key), the rest of the instructions are still valid, even with your CA-signed certificates.
Upvotes: 0
Related Questions
- SolrCloud with SSL and Basic Authentication
- Solr Https Secure Certificate Password
- How to enable Solr's HTTP and HTTPS ports simultaneously
- Solr 5 SSL and bin/post
- SSL certificate error in solr
- inter-Solr-node communication with SSL
- Running Solr with Jetty
- solr configuration on jetty container
- Solr running on Https - SolrJ Connection issue
- Can I integrate Solr with Sharepoint with out using Lucene Connector Framework