Revision 7220
Added by ben leinfelder about 12 years ago
| docs/user/metacat/source/replication.rst | ||
|---|---|---|
| 220 | 220 |
where the ``<remotehostfilename>`` is the name of the certificate file |
| 221 | 221 |
created on the remote partner machine and SCP'd to the home machine. |
| 222 | 222 |
|
| 223 |
To import a certificate into Java keystore (for self-signed certificates) |
|
| 224 |
....................... |
|
| 225 |
1. Use Java's keytool to import to the default Java keystore |
|
| 226 |
|
|
| 227 |
:: |
|
| 228 |
|
|
| 229 |
sudo keytool -import -alias <remotehostname_alias> -file <remotehostfilename> -keystore $JAVA_HOME/lib/security/cacerts |
|
| 230 |
|
|
| 231 |
2. Restart Tomcat |
|
| 232 |
|
|
| 233 |
:: |
|
| 234 |
|
|
| 235 |
sudo /etc/init.d/tomcat6 restart |
|
| 236 |
|
|
| 237 |
|
|
| 238 |
where the ``<remotehostfilename>`` is the name of the certificate file |
|
| 239 |
created on the remote partner machine and SCP'd to the home machine and |
|
| 240 |
<remotehostname_alias> is a short memorable alias for this certificate and |
|
| 241 |
$JAVA_HOME is the same as configured for running Tomcat. NOTE: the cacerts path may be different |
|
| 242 |
depending on your exact Java installation. |
|
| 243 |
|
|
| 223 | 244 |
Update your Metacat database |
| 224 | 245 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 225 | 246 |
The simplest way to update the Metacat database to use replication is to use |
Also available in: Unified diff
add section about importing self-signed certificates into the Java keystore (now that we use strict verification on the java client side when calling replication endpoints).