You mean this can only be used in this version 5.5.x? Other versions invalid?
------------------ 原始邮件 ------------------ 发件人: "Kevin Risden";<compuwizard...@gmail.com>; 发送时间: 2017年2月6日(星期一) 上午9:44 收件人: "solr-user"<solr-user@lucene.apache.org>; 主题: Re: bin/post and self-signed SSL Originally formatted as MarkDown. This was tested against Solr 5.5.x packaged as Lucidworks HDP Search. It would be the same as Solr 5.5.x. # Using Solr * https://cwiki.apache.org/confluence/display/solr/Solr+Start+Script+Reference * https://cwiki.apache.org/confluence/display/solr/Running+Solr * https://cwiki.apache.org/confluence/display/solr/Collections+API ## Create collection (w/o Kerberos) ```bash /opt/lucidworks-hdpsearch/solr/bin/solr create -c test ``` ## Upload configuration directory (w/ SSL and Kerberos) ```bash /opt/lucidworks-hdpsearch/solr/server/scripts/cloud-scripts/zkcli.sh -zkhost ZK_CONNECTION_STRING -cmd upconfig -confname basic_config -confdir /opt/lucidworks-hdpsearch/solr/server/solr/configsets/basic_configs/conf ``` ## Create Collection (w/ SSL and Kerberos) ```bash curl -k --negotiate -u : " https://SOLR_HOST:8983/solr/admin/collections?action=CREATE&name=newCollection&numShards=1&replicationFactor=1&collection.configName=basic_config " ``` ## Delete collection (w/o Kerberos) ```bash /opt/lucidworks-hdpsearch/solr/bin/solr delete -c test ``` ## Delete Collection (w/ SSL and Kerberos) ```bash curl -k --negotiate -u : " https://SOLR_HOST:8983/solr/admin/collections?action=DELETE&name=newCollection " ``` ## Adding some test docs (w/o SSL) ```bash /opt/lucidworks-hdpsearch/solr/bin/post -c test /opt/lucidworks-hdpsearch/solr/example/exampledocs/*.xml ``` ## Adding documents (w/ SSL and Kerberos) ```bash curl -k --negotiate -u : " https://SOLR_HOST:8983/solr/newCollection/update?commit=true"; -H "Content-Type: application/json" --data-binary @/opt/lucidworks-hdpsearch/solr/example/exampledocs/books.json ``` ## List Collections (w/ SSL and Kerberos) ```bash curl -k --negotiate -u : " https://SOLR_HOST:8983/solr/admin/collections?action=LIST"; ``` Kevin Risden On Sun, Feb 5, 2017 at 5:55 PM, Kevin Risden <compuwizard...@gmail.com> wrote: > Last time I looked at this, there was no way to pass any Java properties > to the bin/post command. This made it impossible to even set the SSL > properties manually. I checked master just now and still there is no place > to enter Java properties that would make it to the Java command. > > I came up with a chart of commands previously that worked with standard > (no SSL or Kerberos), SSL only, and SSL with Kerberos. Only the standard > solr setup worked for the bin/solr and bin/post commands. Errors popped up > that I couldn't work around. I've been meaning to get back to it just > haven't had a chance. > > I'll try to share that info when I get back to my laptop. > > Kevin Risden > > On Feb 5, 2017 12:31, "Jan Høydahl" <jan....@cominvent.com> wrote: > >> Hi, >> >> I’m trying to post a document to Solr using bin/post after enabling SSL >> with self signed certificate. Result is: >> >> $ post -url https://localhost:8983/solr/sslColl *.html >> /usr/lib/jvm/java-8-openjdk-amd64/bin/java -classpath >> /opt/solr/dist/solr-core-6.4.0.jar -Dauto=yes -Durl= >> https://localhost:8983/solr/sslColl -Dc= -Ddata=files >> org.apache.solr.util.SimplePostTool lab-index.html lab-ops1.html >> lab-ops2.html lab-ops3.html lab-ops4.html lab-ops6.html lab-ops8.html >> SimplePostTool version 5.0.0 >> Posting files to [base] url https://localhost:8983/solr/sslColl... >> Entering auto mode. File endings considered are >> xml,json,jsonl,csv,pdf,doc,docx,ppt,pptx,xls,xlsx,odt,odp, >> ods,ott,otp,ots,rtf,htm,html,txt,log >> POSTing file lab-index.html (text/html) to [base]/extract >> SimplePostTool: FATAL: Connection error (is Solr running at >> https://localhost:8983/solr/sslColl ?): javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to >> find valid certification path to requested target >> >> >> Do anyone know a workaround for letting bin/post accept self-signed cert? >> Have not tested it against a CA signed Solr... >> >> -- >> Jan Høydahl, search solution architect >> Cominvent AS - www.cominvent.com >> >>
