[jira] [Closed] (SOLR-10025) SOLR_SSL_OPTS are ignored in bin\solr.cmd

[Kevin Risden (JIRA)]

     [ 
https://issues.apache.org/jira/browse/SOLR-10025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kevin Risden closed SOLR-10025.
-------------------------------
    Resolution: Duplicate

Looks like 6.4 is affected by this and it is a duplicate of SOLR-8491. I can 
address it with a patch in SOLR-8491

> SOLR_SSL_OPTS are ignored in bin\solr.cmd
> -----------------------------------------
>
>                 Key: SOLR-10025
>                 URL: https://issues.apache.org/jira/browse/SOLR-10025
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 6.3
>            Reporter: Andy Hind
>
> SSL config fails on windows.
> Requires fixes for late binding.
> See !SOLR_SSL_OPTS! below 
> {code}
> REM Select HTTP OR HTTPS related configurations
> set SOLR_URL_SCHEME=http
> set "SOLR_JETTY_CONFIG=--module=http"
> set "SOLR_SSL_OPTS= "
> IF DEFINED SOLR_SSL_KEY_STORE (
>   set "SOLR_JETTY_CONFIG=--module=https"
>   set SOLR_URL_SCHEME=https
>   set "SCRIPT_ERROR=Solr server directory %SOLR_SERVER_DIR% not found!"
>   set "SOLR_SSL_OPTS=-Dsolr.jetty.keystore=%SOLR_SSL_KEY_STORE% 
> -Dsolr.jetty.keystore.password=%SOLR_SSL_KEY_STORE_PASSWORD% 
> -Dsolr.jetty.truststore=%SOLR_SSL_TRUST_STORE% 
> -Dsolr.jetty.truststore.password=%SOLR_SSL_TRUST_STORE_PASSWORD% 
> -Dsolr.jetty.ssl.needClientAuth=%SOLR_SSL_NEED_CLIENT_AUTH% 
> -Dsolr.jetty.ssl.wantClientAuth=%SOLR_SSL_WANT_CLIENT_AUTH%"
>   IF DEFINED SOLR_SSL_CLIENT_KEY_STORE  (
>     set "SOLR_SSL_OPTS=!SOLR_SSL_OPTS! 
> -Djavax.net.ssl.keyStore=%SOLR_SSL_CLIENT_KEY_STORE% 
> -Djavax.net.ssl.keyStorePassword=%SOLR_SSL_CLIENT_KEY_STORE_PASSWORD% 
> -Djavax.net.ssl.trustStore=%SOLR_SSL_CLIENT_TRUST_STORE% 
> -Djavax.net.ssl.trustStorePassword=%SOLR_SSL_CLIENT_TRUST_STORE_PASSWORD%"
>   ) ELSE (
>     set "SOLR_SSL_OPTS=!SOLR_SSL_OPTS! 
> -Djavax.net.ssl.keyStore=%SOLR_SSL_KEY_STORE% 
> -Djavax.net.ssl.keyStorePassword=%SOLR_SSL_KEY_STORE_PASSWORD% 
> -Djavax.net.ssl.trustStore=%SOLR_SSL_TRUST_STORE% 
> -Djavax.net.ssl.trustStorePassword=%SOLR_SSL_TRUST_STORE_PASSWORD%"
>   )
> ) ELSE (
>   set SOLR_SSL_OPTS=
> )
> {code}
> We also use a non default keystore type and have to disable perr name 
> chekcking:
> {code}
> -a "......... -Djavax.net.ssl.keyStoreType=JCEKS 
> -Djavax.net.ssl.trustStoreType=JCEKS -Dsolr.ssl.checkPeerName=false"
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org