I was thinking about that but haven't had a chance to catch my breath. Thanks for letting me know where the link is...
Erick On Thu, Mar 13, 2014 at 9:08 AM, Cassandra Targett <[email protected]> wrote: > This needs to also make its way into the Solr Ref Guide - stuff documented > on the wiki doesn't automatically get into the Solr Reference Guide without > human intervention. > > There is an issue already to document this in the guide, so if you do add > something to the Solr Wiki, please add a link to the page to > https://issues.apache.org/jira/browse/SOLR-5757 so it can be officially > documented. > > Thanks, > Cassandra > > > On Wed, Mar 12, 2014 at 7:19 PM, Erick Erickson <[email protected]> > wrote: >> >> Steve: >> >> It would be a great service if you were willing to document this on >> the Wiki. If you don't already have contributor rights, just create a >> logon on the Wiki, send us your logon ID and we'll add you to the >> approved editors list. >> >> A bit of background: We used to let anyone edit the Wiki, but then >> started getting hit with a billion spam pages so had to lock it down. >> As long as we're convinced it's a real person asking for edit rights, >> they're freely granted! >> >> Best, >> Erick >> >> >> On Wed, Mar 12, 2014 at 8:15 PM, Steve Davids <[email protected]> wrote: >> > I will be upgrading my SolrCloud cluster at work in a couple of days >> > (hand >> > patched former builds) will let everyone know if there are any other >> > gothchyas. I know depending on different cases the need to bundle your >> > own >> > HttpClientConfigurer to use the AllowAllHostnameVerifier (if using a >> > single >> > cert for all instances) or to add the TrustedSelfSignedStrategy if using >> > two-way SSL w/ self-signed certs. >> > >> > -Steve >> > >> > On Mar 12, 2014, at 8:05 PM, Erick Erickson <[email protected]> >> > wrote: >> > >> > Steve: >> > >> > Thanks, I confess confusion about all things HTTPS. I'll turn this >> > over to the people who _do_ know about it in the morning, this is a >> > great help in that it tells us where to look. >> > >> > I smell a Wiki page coming.... >> > >> > Erick >> > >> > On Wed, Mar 12, 2014 at 7:47 PM, Steve Davids <[email protected]> wrote: >> > >> > Hi Eric, >> > >> > Unfortunately the only "working example" is in the unit-tests. What have >> > you >> > done thus far? First step would be to add the "urlScheme" into >> > clusterprops.json: >> > >> > ./zkcli.sh -zkhost localhost:9983 -cmd put /clusterprops.json >> > '{"urlScheme":"https"}' >> > >> > >> > You will also need to add the basic javax.net.ssl.* system properties >> > (http://stackoverflow.com/a/5871352) >> > >> > It is important to note that if there is a pre-existing >> > clusterstate.json >> > file you will need to update the current base_url values to move 'http' >> > -> >> > 'https' scheme + update the port value. This is all necessary because >> > when a >> > node is rebooted it compares the base_url to figure out where it left >> > off in >> > the cluster. SOLR-5770 was created so we don't need to worry about >> > performing this manual http->https mapping since it will use the >> > node_name >> > to perform the comparison (though the port value would still be a >> > problem). >> > >> > Let me know if that helps, >> > >> > -Steve >> > >> > On Mar 12, 2014, at 4:23 PM, Erick Erickson <[email protected]> >> > wrote: >> > >> > We simply cannot get Solr running over HTTPS. We're running Solr 4.7, >> > SOLR-3854 should be included. >> > >> > To complicate matters this is on WebSphere, but fortunately the people >> > here are handling that part (not a chance in the world to use Jetty). >> > >> > "IOException can't connect with an http (not https) address" >> > >> > Do we have any examples lying around that handle this case that we can >> > use as a template? I'm out of my league with this, https is a mystery. >> > >> > Thanks! >> > Erick >> > >> > --------------------------------------------------------------------- >> > To unsubscribe, e-mail: [email protected] >> > For additional commands, e-mail: [email protected] >> > >> > >> > >> > --------------------------------------------------------------------- >> > To unsubscribe, e-mail: [email protected] >> > For additional commands, e-mail: [email protected] >> > >> > >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
