Details
Description
I installed solr-8.4.1 on centos 7, and tried to add SSL certificate to bin/solr.in.sh file.
===
#Enables HTTPS. It is implictly true if you set SOLR_SSL_KEY_STORE. Use this config
- to enable https module with custom jetty configuration.
SOLR_SSL_ENABLED=true - Uncomment to set SSL-related system properties
- Be sure to update the paths to the correct keystore for your environment
*SOLR_SSL_KEY_STORE=/opt/solr/server/solr-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=mypassword
SOLR_SSL_TRUST_STORE=/opt/solr/server/solr-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=mypassword* - Require clients to authenticate
SOLR_SSL_NEED_CLIENT_AUTH=false - Enable clients to authenticate (but not require)
SOLR_SSL_WANT_CLIENT_AUTH=false - Verify client's hostname during SSL handshake
SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION=false
===
Then I restart the server : service solr restart
Still all the browser says :
This site can't provide a secure connection localhsot sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR
I checked the logs in /var/solr/logs/solr.log
2020-04-02 12:58:33.669 INFO (main) [ ] o.e.j.u.log Logging initialized @1856ms to org.eclipse.jetty.util.log.Slf4jLog
2020-04-02 12:58:33.870 WARN (main) [ ] o.e.j.s.AbstractConnector Ignoring deprecated socket close linger time
2020-04-02 12:58:33.870 WARN (main) [ ] o.e.j.x.XmlConfiguration Deprecated method public void org.eclipse.jetty.server.ServerConnector.setSoLingerTime(int) in file:///opt/solr-8.4.1/server/etc/jetty-http.xml
2020-04-02 12:58:33.877 INFO (main) [ ] o.e.j.s.Server jetty-9.4.19.v20190610; built: 2019-06-10T16:30:51.723Z; git: afcf563148970e98786327af5e07c261fda175d3; jvm 1.8.0_121-b13
2020-04-02 12:58:33.907 INFO (main) [ ] o.e.j.d.p.ScanningAppProvider Deployment monitor file:///opt/solr-8.4.1/server/contexts/ at interval 0
2020-04-02 12:58:34.238 INFO (main) [ ] o.e.j.w.StandardDescriptorProcessor NO JSP Support for /solr, did not find org.apache.jasper.servlet.JspServlet
2020-04-02 12:58:34.251 INFO (main) [ ] o.e.j.s.session DefaultSessionIdManager workerName=node0
2020-04-02 12:58:34.251 INFO (main) [ ] o.e.j.s.session No SessionScavenger set, using defaults
2020-04-02 12:58:34.254 INFO (main) [ ] o.e.j.s.session node0 Scavenging every 660000ms
2020-04-02 12:58:34.362 INFO (main) [ ] o.a.s.s.SolrDispatchFilter Using logger factory org.apache.logging.slf4j.Log4jLoggerFactory
2020-04-02 12:58:34.368 INFO (main) [ ] o.a.s.s.SolrDispatchFilter ___ _ Welcome to Apache Solr™ version 8.4.1
2020-04-02 12:58:34.368 INFO (main) [ ] o.a.s.s.SolrDispatchFilter / _| ___| | _ Starting in standalone mode on port 8983
2020-04-02 12:58:34.368 INFO (main) [ ] o.a.s.s.SolrDispatchFilter __ \/ _ \ | '_| Install dir: /opt/solr
2020-04-02 12:58:34.369 INFO (main) [ ] o.a.s.s.SolrDispatchFilter |__/_/|_| Start time: 2020-04-02T12:58:34.368Z
2020-04-02 12:58:34.397 INFO (main) [ ] o.a.s.c.SolrResourceLoader Using system property solr.solr.home: /var/solr/data
2020-04-02 12:58:34.406 INFO (main) [ ] o.a.s.c.SolrXmlConfig Loading container configuration from /var/solr/data/solr.xml
2020-04-02 12:58:34.499 INFO (main) [ ] o.a.s.c.SolrXmlConfig MBean server found: com.sun.jmx.mbeanserver.JmxMBeanServer@143640d5, but no JMX reporters were configured - adding default JMX reporter.
2020-04-02 12:58:35.177 INFO (main) [ ] o.a.s.h.c.HttpShardHandlerFactory Host whitelist initialized: WhitelistHostChecker [whitelistHosts=null, whitelistHostCheckingEnabled=true]
2020-04-02 12:58:35.331 WARN (main) [ ] o.e.j.u.s.S.config Trusting all certificates configured for Client@57eda880[provider=null,keyStore=null,trustStore=null]
2020-04-02 12:58:35.331 WARN (main) [ ] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@57eda880[provider=null,keyStore=null,trustStore=null]
2020-04-02 12:58:35.548 WARN (main) [ ] o.e.j.u.s.S.config Trusting all certificates configured for Client@423e4cbb[provider=null,keyStore=null,trustStore=null]
2020-04-02 12:58:35.548 WARN (main) [ ] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@423e4cbb[provider=null,keyStore=null,trustStore=null]
2020-04-02 12:58:35.573 WARN (main) [ ] o.a.s.c.CoreContainer Not all security plugins configured! authentication=disabled authorization=disabled. Solr is only as secure as you make it. Consider configuring authentication/authorization before exposing Solr to users internal or external. See https://s.apache.org/solrsecurity for more info
2020-04-02 12:58:35.765 INFO (main) [ ] o.a.s.c.TransientSolrCoreCacheDefault Allocating transient cache for 2147483647 transient cores
2020-04-02 12:58:35.768 INFO (main) [ ] o.a.s.h.a.MetricsHistoryHandler No .system collection, keeping metrics history in memory.
2020-04-02 12:58:35.864 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.node' (registry 'solr.node') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@143640d5
2020-04-02 12:58:35.864 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.jvm' (registry 'solr.jvm') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@143640d5
2020-04-02 12:58:35.871 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.jetty' (registry 'solr.jetty') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@143640d5
2020-04-02 12:58:35.915 INFO (main) [ ] o.a.s.c.CorePropertiesLocator Found 2 core definitions underneath /var/solr/data
where Am I doing wrong?