Versions Compared

Old Version 1

changes.mady.by.user Sam Tsoi

Saved on

compared with

New Version Current

changes.mady.by.user David Walend

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagebash
themeRDark
keystore {
    file = "/opt/shrine/shrine.keystore"
    password = "password"
    privateKeyAlias = "$KEYSTORE_ALIAS"
    keyStoreType = "JKS"
    caCertAliases= ["HUB_CA_CERT_ALIAS"]
  }

This is to make sure SHRINE uses  SHRINE will use privateKeyAlias to find the signed certificate to sign queries going out from your site.

The second place, is in the keystore section within /opt/shrine/tomcat/conf/server.xml:

Code Block
languagebash
themerdark
<Connector port="6443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="/opt/shrine/shrine.keystore"
               keystorePass="password"
               keyAlias="$KEYSTORE_ALIAS" />

This is to configure Tomcat to use the same signed certificate to serve your site's HTTPS traffic. , and caCertAliases to verify queries before running them.