Table of Contents

Search

  1. Preface
  2. Upgrade Overview
  3. Pre-Upgrade Tasks
  4. Database Tasks
  5. Application Server Tasks
  6. Hub Store Upgrade
  7. Hub Server Upgrade (In-place Upgrade)
  8. Process Server Upgrade (In-place Upgrade)
  9. Resource Kit Upgrade (In-place Upgrade)
  10. Post-Upgrade Tasks
  11. Search Configuration Upgrade
  12. ActiveVOS Post-Installation Tasks for the Application Server
  13. ActiveVOS Post-Upgrade Tasks for Business Entity Adapter
  14. ActiveVOS Post-Upgrade Tasks for Subject Areas Adapter
  15. Troubleshooting the Upgrade Process
  16. Frequently Asked Questions
  17. Processing Existing ActiveVOS Tasks
  18. Configuring Metadata Caching

Upgrading from Version 9.7.1

Upgrading from Version 9.7.1

Create Keystores, Truststore, and Certificates

Create Keystores, Truststore, and Certificates

After you install Elasticsearch, create keystores, truststore, and security certificates that are required to secure the communication between the MDM Hub and Elasticsearch. To create keystores, truststore, and certificates, run the
sip_ant
script on only one of the machines that has the Hub Server installed. Then, copy the keystores, truststore, and certificates to all the other machines on which the Hub Server is installed.
You can create keystores, truststore, and certificates without using the
sip_ant
script.
The following table describes the keystores and truststore that are required:
Keystore/Truststore Name
Description
MDM_ESCLIENT_FILE_JKS.keystore
Elasticsearch keystore that contains the client certificate and its key.
MDM_ESKEYSTORE_FILE_JKS.keystore
Elasticsearch keystore that contains the client and node certificates. If the Elasticsearch cluster has multiple nodes, all the nodes use the certificates.
MDM_ESTRUSTSTORE_FILE_JKS.keystore
Elasticsearch truststore that contains the signed certificate for the client and Elasticsearch nodes.
  1. Open a command prompt, and navigate to the following directory on one of the machines that has the Hub Server installed:
    <
    MDM Hub installation directory
    >/hub/server/bin
  2. To create the keystores, truststore, and certificates, run the following command:
    On UNIX.
    sip_ant.sh generate_mdm_es_store
    On Windows.
    sip_ant.bat generate_mdm_es_store
  3. When prompted for a password for the keystores and truststore, specify a password.
    The keystores, truststore, and certificates are created in the following directory:
    <
    MDM Hub installation directory
    >/hub/server/resources/certificates
  4. Copy the following keystores and truststore to the
    <Elasticsearch installation directory>/config
    directory of each Elasticsearch installation:
    • MDM_ESCLIENT_FILE_JKS.keystore
    • MDM_ESKEYSTORE_FILE_JKS.keystore
    • MDM_ESTRUSTSTORE_FILE_JKS.keystore
  5. Copy the following keystore and truststore to the
    <
    MDM Hub installation directory
    >/hub/server/resources/certificates
    directory of each Hub Server node that is part of the Elasticsearch cluster:
    • MDM_ESCLIENT_FILE_JKS.keystore
    • MDM_ESTRUSTSTORE_FILE_JKS.keystore

0 COMMENTS

We’d like to hear from you!