I have successfully got SOLR 8.11.1 running under SSL from the windows command 
line solr.bat by changing solr.in.cmd to configure the SSL.

I have a windows service that keeps SOLR live by running the jar file, with 
parameters passed to it.

I went to the dashboard screen, and grabbed all of the -D commands and put them 
in the request:

(run in administrator mode)
CD E:\ApacheSolr8_11_1\server
"C:\Program Files\Java\jdk-21\bin\java.exe" -Dsolr.solr.home=solr 
-Djetty.port=8983 -Djetty.home=E:\ApacheSolr8_11_1\server -DSTOP.PORT=8087 
-DSTOP.KEY=stopsolr -Djetty.logs=E:\ApacheSolr8_11_1\server\logs 
-Dorg.eclipse.jetty.util.log.SOURCE=true 
-Dsolr.solr.home=E:\ApacheSolr8_11_1\server\solr 
-Dsolr.log.dir=E:\ApacheSolr8_11_1\server\logs 
-Dsolr.disable.shardsWhitelist=true 
-Djavax.net.ssl.keyStore=E:\ApacheSolr8_11_1\server\etc\solr-ssl.keystore.p12 
-Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.keyStoreType=PKCS12  
-Djavax.net.ssl.trustStore=E:\ApacheSolr8_11_1\server\etc\solr-ssl.keystore.p12 
-Djavax.net.ssl.trustStorePassword=password 
-Djavax.net.ssl.trustStoreType=PKCS12 -Dsolr.jetty.https.port=8983 
-Dsolr.jetty.inetaccess.excludes= -Dsolr.jetty.inetaccess.includes= 
-Dsolr.jetty.keystore.type=PKCS12 
-Dsolr.jetty.keystore=E:\ApacheSolr8_11_1\server\etc\solr-ssl.keystore.p12 
-Dsolr.jetty.keystore.password=--redacted-- 
-Dsolr.jetty.ssl.needClientAuth=false -Dsolr.jetty.ssl.wantClientAuth=false 
-Dsolr.jetty.truststore.type=PKCS12 
-Dsolr.jetty.truststore=E:\ApacheSolr8_11_1\server\etc\solr-ssl.keystore.p12 
-Dsolr.jetty.truststore.password=--redacted-- -Dsolr.ssl.checkPeerName=true 
-jar E:\ApacheSolr8_11_1\server\start.jar --module=http

It runs but it doesn't have ssl enabled.

Here's what I'm seeing in the log that comes up when I run it. Notice that it 
recognizes the keystore, but cant  create the client endpoint

2024-09-09 14:56:42.704 INFO  (main) [   ] o.a.s.h.c.HttpShardHandlerFactory 
Host whitelist initialized: WhitelistHostChecker [whitelistHosts=null, 
whitelistHostCheckingEnabled=false]
2024-09-09 14:56:42.938 INFO  (main) [   ] o.e.j.u.s.SslContextFactory 
x509=X509@593a6726(--redacted--,h=[localhost<mailto:x509=X509@593a6726(a4538e1ppslr002.ad1.prod,h=[localhost>,
 --redacted--, --redacted--],a=[],w=[]) for 
Client@596a7f44[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12<mailto:Client@596a7f44[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12>]
2024-09-09 14:56:43.048 WARN  (main) [   ] o.e.j.u.s.S.config No Client 
EndPointIdentificationAlgorithm configured for 
Client@596a7f44[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12<mailto:Client@596a7f44[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12>]
2024-09-09 14:56:43.198 INFO  (main) [   ] o.e.j.u.s.SslContextFactory 
x509=X509@5e99b9c(--redacted--,h=[localhost<mailto:x509=X509@5e99b9c(a4538e1ppslr002.ad1.prod,h=[localhost>,
 --redacted--, --redacted--],a=[],w=[]) for 
Client@2fe74516[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12<mailto:Client@2fe74516[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12>]
2024-09-09 14:56:43.198 WARN  (main) [   ] o.e.j.u.s.S.config No Client 
EndPointIdentificationAlgorithm configured for 
Client@2fe74516[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12<mailto:Client@2fe74516[provider=null,keyStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12,trustStore=file:///E:/ApacheSolr8_11_1/server/etc/solr-ssl.keystore.p12>]
2024-09-09 14:56:43.261 WARN  (main) [   ] o.a.s.c.CoreContainer Not all 
security plugins configured!  authentication=disabled authorization=disabled.  
Solr is only as secure as you make it. Consider configuring 
authentication/authorization before exposing Solr to users internal or 
external.  See https://s.apache.org/solrsecurity for more info
2

What parameters am I missing? Or what am I doing wrong?

I have tried adding -Dsolr.ssl.enabled=true, but it didn't seem to help.

Thanks,

RICK HODDER
Staff Software Engineer
Global Specialty
[The Hartford]<https://www.thehartford.com/>
The Hartford
83 Wooster Heights Rd. | 2nd floor
Danbury, CT, 06810
W: 475-329-6251
Email: richard.hod...@thehartford.com<mailto:richard.hod...@thehartford.com>
www.thehartford.com<https://www.thehartford.com/>
www.facebook.com/thehartford<https://www.facebook.com/thehartford>
twitter.com/thehartford<https://twitter.com/thehartford>



******************************************************************************************************
This communication, including attachments, is for the exclusive use of 
addressee and may contain proprietary, confidential and/or privileged 
information.  If you are not the intended recipient, any use, copying, 
disclosure, dissemination or distribution is strictly prohibited.  If you are 
not the intended recipient, please notify the sender immediately by return 
e-mail, delete this communication and destroy all copies.

******************************************************************************************************

Reply via email to