Versions Compared

Old Version 84

changes.mady.by.user David Walend

Saved on

compared with

New Version 85

changes.mady.by.user David Walend

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

$ cd /opt/shrine/tomcat/webapps
$ wget --no-check-certificate https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/meta-war/1.22.4/meta-war-1.22.4.war -O shrine-meta.war

Keystore Cleanup

If you previously used a separate cert for https put that cert in a separate keystore and update your server.xml file. (Use a cert signed by a public cert authority to avoid a warning in users' browsers.)  

For hub-and-spoke systems, SHRINE now insists that the only two certificates exist in shrine's shrine.keystore on spokes are : the node's signing cert, and the hub's public CA cert. SHRINE uses the signing certificate for https as well. See what certs are there and remove any extras. SHRINE will verify that the signing cert is signed by the hub's public cert. See Generate a Certificate Signing Request .

Be sure the original keystore is backed up!If you previously used a separate cert for https (signed by a public cert authority) consider using that cert and having the hub sign it. That may be the easiest way to use two certs. See Generate a Certificate Signing Request .

$ keytool -list -keystore /opt/shrine/shrine.keystore

...