Info |
---|
INFO SSL shall be enabled for using Datameer X in enterprise or production environments. Note that even if you enable a firewall to ensure that only SSL is available, Datameer X uses both HTTP and HTTPS services. For using Datameer X on a standard port (443), system administrators need to implement additional configuration. This change eliminates the need to type ':8443' at the end of the URL each time they access Datameer. All port changes should be made in the 'start.ini' file, which overrides 'jetty.port'. |
...
The following commands will enable SSL and disable normal HTTP traffic.
Note |
---|
Important! The enable-ssl.sh script uses relies on the GNU version of the sed utility and might not work as expected if your terminal uses another implementation. We recommend checking this before running the script. Please reach Datameer support if you observe any issues. |
Change your working path to where you have installed the target Datameer X distribution.
Stop the Datameer X service if currently running with:
Code Block $ ./bin/conductor.sh stop
Execute the
bin/enable-ssl.sh
script. Example:Code Block [Datameer-11.1.8-emr-6.1.0]$ ./bin/enable-ssl.sh Java found. (version 1.8) Disabling http module. Changes to DAS_PORT in das-env.sh will have no effect anymore. Creating https.ini in start.d/ WARN : Use both ${jetty.base}/start.d and ${jetty.base}/start.ini is deprecated INFO : https initialized in ${jetty.base}/start.d/https.ini INFO : ssl transitively enabled, ini template available with --add-to-start=ssl COPY : ${jetty.base}/modules/ssl/keystore to ${jetty.base}/etc/keystore INFO : Base directory was modified Creating ssl.ini in start.d/ WARN : Use both ${jetty.base}/start.d and ${jetty.base}/start.ini is deprecated INFO : ssl initialized in ${jetty.base}/start.d/ssl.ini INFO : Base directory was modified Datameer will use default configuration. If a non standard configuration is required, edit start.d/ssl.ini. Refer to Datameer Documentation for more details.
If required, edit the
start.d/ssl.ini
file to customize the configuration to match your environmental variables.Code Block jetty.ssl.port=<desired_port> (default=8443) jetty.sslContext.keyStorePath=<path/to/keystore> (default=etc/keystore) jetty.sslContext.trustStorePath=<path/to/keystore> (default=etc/keystore) jetty.sslContext.keyStorePassword=<password> (default=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 jetty.sslContext.keyManagerPassword=<password> (default=OBF:1u2u1wml1z7s1z7a1wnl1u2g) jetty.sslContext.trustStorePassword=<password> (default=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4)
Start the Datameer X service with:
Code Block $ ./bin/conductor.sh start
...
Disabling SSLĀ
The following commands will disable SSL and restore normal HTTP traffic.
...