313 |
313 |
|
314 |
314 |
<a name="ControlPanel"></a><div class="header1">The Replication Control Panel:</div>
|
315 |
315 |
There is an html control panel for controling replication. After
|
316 |
|
installing Metacat, you can access
|
317 |
|
it by going through the Metacat servlet context you have setup and calling up
|
318 |
|
replControl.html. For instance, if you setup a Metacat servlet instance
|
319 |
|
called 'knb' you would probably type
|
|
316 |
installing Metacat, you can access it by calling replControl.html. For instance, if you
|
|
317 |
setup a Metacat application context called 'knb' you would probably type :
|
320 |
318 |
|
321 |
|
<div class="code">http://server.domain.com:8080/Metacat/style/skins/dev/replControl.html</div>
|
|
319 |
<div class="code">http://server.domain.com/knb/style/skins/dev/replControl.html</div>
|
322 |
320 |
|
323 |
321 |
The control panel is an easy interface for adding/removing/altering servers and
|
324 |
322 |
starting the delta-T handler. It will also allow you to 'force replicate' your
|
... | ... | |
404 |
402 |
</li>
|
405 |
403 |
<li>Sample values when creating certificate</li>
|
406 |
404 |
<ul class="list2">
|
|
405 |
<li>Enter PEM pass phrase: (note: I use the first part of the host name)
|
407 |
406 |
<li>Country Name (2 letter code) [AU]: <b>US</b></li>
|
408 |
407 |
<li>State or Province Name (full name) [Some-State]: <b>California</b>
|
409 |
408 |
(note: this is spelled in full)</li>
|
410 |
409 |
<li>Locality Name (eg, city) []: <b>Santa Barbara</b></li>
|
411 |
|
<li>Organization Name (eg, company) [Internet Widgits Pty Ltd]: </b>UCSB</b></li>
|
|
410 |
<li>Organization Name (eg, company) [Internet Widgits Pty Ltd]: <b>UCSB</b></li>
|
412 |
411 |
<li>Organizational Unit Name (eg, section) []: <b>NCEAS</b></li>
|
413 |
412 |
<li>Common Name (eg, YOUR name) []: <b>myserver.mydomain.edu</b>
|
414 |
413 |
(note: use the host name without port number)</li>
|
... | ... | |
421 |
420 |
<ul class="list2">
|
422 |
421 |
<li>Run the command:
|
423 |
422 |
<div class="code">openssl req -x509 -days 800 -in REQ.pem -key <hostname>-apache.key -out <hostname>-apache.crt</div>
|
424 |
|
where <aliasname> is the same name you used when you created the certificate. </li>
|
425 |
|
<li>A file named <outputfile>.cert will be created in the same directory where you run the keytool
|
|
423 |
where <hostname> is the same name you used when you created the certificate. </li>
|
|
424 |
<li>A file named <hostname>-apache.crt will be created in the same directory where you run the keytool
|
426 |
425 |
command. You can name the output file anything you like, but keep in mind that it will get sent to the
|
427 |
426 |
partner machine used for replication. The filename should have have enough meaning that someone who sees
|
428 |
|
it on that machine can have some idea where it came from. Again, something like "<hostname>-tomcat.cert"
|
|
427 |
it on that machine can have some idea where it came from. Again, something like "<hostname>-apache.crt"
|
429 |
428 |
will suffice.</li>
|
430 |
429 |
</ul>
|
431 |
430 |
</li>
|
... | ... | |
467 |
466 |
replication server.
|
468 |
467 |
<ul class="list1">
|
469 |
468 |
<li>Import the remote certificate by running:
|
470 |
|
<div class="code">keytool -import -alias <remotehostalias> -file <remotehostfilename>.cert -keystore $JAVA_HOME/lib/security/cacerts</div>
|
|
469 |
<div class="code">keytool -import -alias <remotehostalias> -file <remotehostfilename>.crt -keystore $JAVA_HOME/jre/lib/security/cacerts</div>
|
471 |
470 |
where the <remotehostfilename> is the certificate file you created on the remote machine and
|
472 |
471 |
copied to this machine. The <remotehostalias> is the name the certificate will use in
|
473 |
472 |
the keystore. It should be something that identifies the remote host.
|
Update replication documentation and fix code so that replication log is available.