Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

SSL Keystore issue

chrisokelly
Champ on-the-rise
Champ on-the-rise

‎08-16-2012 11:09 PM

Hi Guys,
Last night the certificate in our ssl.keystore expired, so this morning I have been trying to recreate it. We would like to use our own, CA-signed certificate, however i am also trying with just the plain Alfresco CA also (when I couldn't get it to work). Prior to the certificates expiring the site was working fine.
using the Alfresco CA we have simply followed the steps exactly in CreateSSLKeystores.txt. I create the keystores in alf_data/keystore, which is the location pointed to in alfresco-global.properties. When we try using our own certificate I simply copy our files to ca.crt and ca.key in the directory then follow the same steps, after which I also import the digiCert root CA into ssl.truststore.
When the server starts up, I see the following in catalina.out:
 2012-08-17 12:44:41,263  ERROR [web.context.ContextLoader] [main] Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'twitterDeliveryChannelType' defined in URL [file:/opt/alfresco-4.0.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/twitter-publishing-context.xml]: Cannot create inner bean 'org.springframework.social.twitter.connect.TwitterConnectionFactory#18287811' of type [org.springframework.social.twitter.connect.TwitterConnectionFactory] while setting bean property 'connectionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.social.twitter.connect.TwitterConnectionFactory#18287811' defined in URL [file:/opt/alfresco-4.0.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/twitter-publishing-context.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.social.twitter.connect.TwitterConnectionFactory]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Failure initializing default SSL context        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)        at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)        at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)        at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:637)        at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:563)        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498)        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)        at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)        at org.apache.catalina.core.StandardService.start(StandardService.java:519)        at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)        at org.apache.catalina.startup.Catalina.start(Catalina.java:581)        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)        at java.lang.reflect.Method.invoke(Method.java:597)        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.social.twitter.connect.TwitterConnectionFactory#18287811' defined in URL [file:/opt/alfresco-4.0.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/twitter-publishing-context.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.social.twitter.connect.TwitterConnectionFactory]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Failure initializing default SSL context        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:288)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1003)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:907)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)        … 40 moreCaused by: org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.social.twitter.connect.TwitterConnectionFactory]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Failure initializing default SSL context        at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:141)        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:108)        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:280)        … 45 moreCaused by: java.lang.IllegalStateException: Failure initializing default SSL context        at org.apache.http.conn.ssl.SSLSocketFactory.createDefaultSSLContext(SSLSocketFactory.java:211)        at org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:333)        at org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory(SSLSocketFactory.java:165)        at org.springframework.social.support.HttpComponentsClientHttpRequestFactory$HttpComponentsClient_4_1.getInstance(HttpComponentsClientHttpRequestFactory.java:185)        at org.springframework.social.support.HttpComponentsClientHttpRequestFactory.<init>(HttpComponentsClientHttpRequestFactory.java:79)        at org.springframework.social.support.ClientHttpRequestFactorySelector$HttpComponentsClientRequestFactoryCreator$1.<init>(ClientHttpRequestFactorySelector.java:68)        at org.springframework.social.support.ClientHttpRequestFactorySelector$HttpComponentsClientRequestFactoryCreator.createRequestFactory(ClientHttpRequestFactorySelector.java:68)        at org.springframework.social.support.ClientHttpRequestFactorySelector.getRequestFactory(ClientHttpRequestFactorySelector.java:44)        at org.springframework.social.oauth1.OAuth1Template.createRestTemplate(OAuth1Template.java:169)        at org.springframework.social.oauth1.OAuth1Template.<init>(OAuth1Template.java:92)        at org.springframework.social.oauth1.OAuth1Template.<init>(OAuth1Template.java:76)        at org.springframework.social.twitter.connect.TwitterServiceProvider.<init>(TwitterServiceProvider.java:31)        at org.springframework.social.twitter.connect.TwitterConnectionFactory.<init>(TwitterConnectionFactory.java:28)        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)        at java.lang.reflect.Constructor.newInstance(Constructor.java:513)        at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:126)        … 47 moreCaused by: java.security.KeyStoreException: problem accessing trust storejava.io.IOException: Invalid keystore format        at com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:55)        at javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:230)        at org.apache.http.conn.ssl.SSLSocketFactory.createSSLContext(SSLSocketFactory.java:190)        at org.apache.http.conn.ssl.SSLSocketFactory.createDefaultSSLContext(SSLSocketFactory.java:209)        … 64 more…Other lines we see in a normal startup……After server finished starting:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:632)        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)        at java.io.BufferedOutputStream.write(BufferedOutputStream.java:104)        at java.io.FilterOutputStream.write(FilterOutputStream.java:80)        at org.apache.commons.httpclient.methods.ByteArrayRequestEntity.writeRequest(ByteArrayRequestEntity.java:90)        at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)        at org.alfresco.httpclient.AbstractHttpClient.executeMethod(AbstractHttpClient.java:110)        at org.alfresco.httpclient.AbstractHttpClient.sendRemoteRequest(AbstractHttpClient.java:86)        at org.alfresco.httpclient.HttpClientFactory$HttpsClient.sendRequest(HttpClientFactory.java:307)        at org.alfresco.solr.client.SOLRAPIClient.getModelsDiff(SOLRAPIClient.java:1007)        at org.alfresco.solr.tracker.CoreTracker.trackModels(CoreTracker.java:1630)        at org.alfresco.solr.tracker.CoreTracker.trackRepository(CoreTracker.java:1134)        at org.alfresco.solr.tracker.CoreTracker.updateIndex(CoreTracker.java:491)        at org.alfresco.solr.tracker.CoreTrackerJob.execute(CoreTrackerJob.java:45)        at org.quartz.core.JobRunShell.run(JobRunShell.java:216)        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)        at sun.security.validator.Validator.validate(Validator.java:218)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)        … 28 moreCaused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)        … 34 more‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

The initial error refers to the trust store being in an incorrect format, which I do not understand. In alfresco-global.properties:
###SSL Cert Directory definitionalfresco.encryption.ssl.keystore.location=${dir.keystore}/ssl.keystorealfresco.encryption.ssl.keystore.provider=SunJCEalfresco.encryption.ssl.keystore.type=JCEKSalfresco.encryption.ssl.keystore.keyMetaData.location=${dir.keystore}/ssl-keystore-passwords.propertiesalfresco.encryption.ssl.truststore.location=${dir.keystore}/ssl.truststorealfresco.encryption.ssl.truststore.provider=SunJCEalfresco.encryption.ssl.truststore.type=JCEKSalfresco.encryption.ssl.truststore.keyMetaData.location=${dir.keystore}/ssl-truststore-passwords.properties###End SSL Cert Directory Definition‍‍‍‍‍‍‍‍‍‍‍‍‍

the truststore.type is set as JCEKS, and in the truststore file itself:
/opt/alfresco-4.0.d/alf_data/keystore$ sudo keytool -list -v -keystore ssl.truststore -storetype JCEKSEnter keystore password:Keystore type: JCEKSKeystore provider: SunJCEYour keystore contains 2 entries…‍‍‍‍‍‍‍

I would very much appreciate some help, as I have no clue where all this leads me. The most I can figure out is that the exception seems identical to what I get when I try to view the keystore without specifying the -storetype, such as:
/opt/alfresco-4.0.d/alf_data/keystore$ sudo keytool -list -v -keystore ssl.truststorekeytool error: java.io.IOException: Invalid keystore formatjava.io.IOException: Invalid keystore format        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650)        at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)        at java.security.KeyStore.load(KeyStore.java:1201)        at sun.security.tools.KeyTool.doCommands(KeyTool.java:647)        at sun.security.tools.KeyTool.run(KeyTool.java:194)        at sun.security.tools.KeyTool.main(KeyTool.java:188)‍‍‍‍‍‍‍‍‍‍

Edit:
A little more info - I no longer see the twitter channel issue in catalina.out while starting, but once started we see a repetition of 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:632)        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)        at java.io.BufferedOutputStream.write(BufferedOutputStream.java:104)        at java.io.FilterOutputStream.write(FilterOutputStream.java:80)        at org.apache.commons.httpclient.methods.ByteArrayRequestEntity.writeRequest(ByteArrayRequestEntity.java:90)        at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)        at org.alfresco.httpclient.AbstractHttpClient.executeMethod(AbstractHttpClient.java:110)        at org.alfresco.httpclient.AbstractHttpClient.sendRemoteRequest(AbstractHttpClient.java:86)        at org.alfresco.httpclient.HttpClientFactory$HttpsClient.sendRequest(HttpClientFactory.java:307)        at org.alfresco.solr.client.SOLRAPIClient.getModelsDiff(SOLRAPIClient.java:1007)        at org.alfresco.solr.tracker.CoreTracker.trackModels(CoreTracker.java:1630)        at org.alfresco.solr.tracker.CoreTracker.trackRepository(CoreTracker.java:1134)        at org.alfresco.solr.tracker.CoreTracker.updateIndex(CoreTracker.java:491)        at org.alfresco.solr.tracker.CoreTrackerJob.execute(CoreTrackerJob.java:45)        at org.quartz.core.JobRunShell.run(JobRunShell.java:216)        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)        at sun.security.validator.Validator.validate(Validator.java:218)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)        … 28 moreCaused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)        … 34 more‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

/alfresco and share are accessible but these error messages continue appearing, so I assume that the site is not indexing.
Labels:
0 Kudos
4 REPLIES 4

sujaypillai
Confirmed Champ
Confirmed Champ

‎08-17-2012 02:49 AM

Hi Chrisokelly,

The error you are receiving is due to the reason that the SSL certificates for SOLR and the Repository got expired on 16th August2012, which should have been informed to you if you are an Enterprise customer. Please log in to your support portal to get the .bat/.sh file to generate new certificates.


Thanks,
0 Kudos

mikeh
Star Contributor
Star Contributor

‎08-17-2012 06:02 AM

Just to be clear, it's also been announced on the Community Forums here: https://forums.alfresco.com/en/viewtopic.php?f=2&t=45940

Thanks,
Mike
0 Kudos

heiko_robert
Star Collaborator
Star Collaborator

‎08-17-2012 07:37 AM

If you need assistance to create secure new certificates feel free to send us a message: alfrescocerts@ecm4u.de

We would be happy to help you!

Regards

Heiko


Heiko Robert - http://www.ecm4u.de - just simply use ECM in processes
0 Kudos

chrisokelly
Champ on-the-rise
Champ on-the-rise

‎08-19-2012 07:16 PM

Hi Guys,
Last night the certificate in our ssl.keystore expired…

Just pointing out I did notice the certificates expiring. I followed the CreateNewSSLCertificates.txt (or whatever it's called, my shell isn't right in front of me at the moment) file and got to this point.

Thanks very much for pointing out the forum post Mike, I didn't see that searching for error messages, suppose I should have been a tad more general in my searches. The script in the 4.0.e SOLR zip fixed this up perfectly.

I will point out that the script appeared to hang - I got in the logs two "Certificate Created" messages (for the .crt's) and three "Added to keystore" messages, then no more. After a few minutes I opened up the script with another session to see where it was hanging. As all the files had been created and copied to their appropriate locations I can only assume it had hung after the last block of cp commands and before the two echo messages. I Ctrl-C'ed the script, which brought up the two echoed messages and restarted alfresco (working fine now).

I couldn't see any reason for the script to hang, just pointing it out as interesting.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
Top