Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problem after replacing certificate

frank_l
Champ in-the-making
Champ in-the-making

‎12-13-2012 01:07 PM

hi,
i've installed 4.2d alfresco with windows setup(but the same with 4.2c), and no problem with original certificate and SOLR.

After that,i've changed original auth certificate(s) with a Digicert signed certificate(s) with this procedure:
- Creation of ssl.keystore that contains signed ssl.repo and Digicert root certificate
- Creation of ssl.truststore with Digicert Root certificate
- Copy ssl.truststore and ssl.keystore in %ALFRESCO_HOME%/alf_data/keystore
- Change ssl-keystore-passwords.properties and ssl-truststore-passwords.properties in %ALFRESCO_HOME%/alf_data/keystore

- Creation of ssl.repo.client.keystore that contains signed ssl.repo.client and Digicert root certificate
- Copy ssl.truststore and ssl.repo.client.keystore in each %SOLR_HOME%/../conf directory
- Change ssl-keystore-passwords.properties and ssl-truststore-passwords.properties in each %SOLR_HOME%/../conf directory
- Change server.xml configuration connector with new pw
- Change tomcat-users.xml to reflect the new DN

- Restart

At this point i can not view new users in people search and not even new activities

In solr.log i can see this problem:
18:04:30,075 ERROR [org.quartz.core.ErrorLogger] Job (Solr.CoreTracker-archive threw an exception.
org.quartz.SchedulerException: Job threw an unhandled exception. [See nested exception: org.alfresco.error.AlfrescoRuntimeException: 11130621 GetModelsDiff return status is 403]
   at org.quartz.core.JobRunShell.run(JobRunShell.java:227)
   at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: org.alfresco.error.AlfrescoRuntimeException: 11130621 GetModelsDiff return status is 403
.
.
.


No effect rebuilding solr index.


Regards,
Frank
Labels:
0 Kudos
2 REPLIES 2

frank_l
Champ in-the-making
Champ in-the-making

‎12-16-2012 02:53 PM

Update:
disabling the https usage in SOLR seems to solve the issue.

Any suggest about the source of the problem.

Regards
0 Kudos

itnovum
Champ in-the-making
Champ in-the-making

‎12-31-2012 06:17 AM

Hi,

I have not really a solution for your problem, but to clear things up:

403 is forbidden.

In this case, solr or alfresco are not allowed to speak with each other. Most likely its because of not matching truststores/keystores.

In consequence, if you disable https, no authentication is performed at all, so a 403 can not be thrown.

Regards
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC