Secure SOLR Service for Sitecore 9 | Configure SSL for SOLR.

by Kumar Saurabh, posted in Sitecore, Sitecore 9, SOLR

This blog is my experience of taking me one step closer to Sitecore 9 installation.  Its an extension of my previous post of setting up SOLR as Windows Service . After setting up SOLR as windows service I verified SOLR admin page with URL -http://localhost:8983/solr/

Purpose of this blog is to make it https => an extra s , that’s it!!! 🙂

In SC 9 SOLR by default needs to be setup in secure way. As this is for my local dev box I am going ahead with self signed certificates. Credit to Kam for providing us with a handy Power shell Script for generating self signed certificate and installing it .

Follow the below Steps for securing your SOLR Service in your local dev box.

  1. Go to Kams webiste – and get the original PS script.(solrssl.ps1) . Many Thanks to Kam Figy for it.
  2. Script makes use of Java keytool which is a certificate manager.
  3. Figure out your  keyttol.exe path from java directory in your PC. I have mine at  C:\Program Files\Java\jre1.8.0_181\bin\keytool.exe Blog3_Image1
  4. Open the script(solrssl.ps1) in an editor – and go to Line # 37
    $keytool = (Get-Command 'keytool.exe').Source
  5. Update Line #37 as below depending on your keytool.exe path figured out in previous step
    $keytool = (Get-Command 'C:\Program Files\Java\jre1.8.0_181\bin\keytool.exe').Source
  6. Check for updated PS File : solrssl.ps1
  7. Open Power shell as administrator and navigate to folder where you have kept PS file – solrssl.ps1 (from previous step)Blog3_Image2
  8. Pass in location for the keystore file.
    .\solrssl.ps1 -KeystoreFile D:\SOLR\solr-6.6.2\server\etc\solr-ssl.keystore.jks
  9. Execute PS and your keys are generated.Blog3_Image3
  10. In case of Error- ” “File [.ps1] cannot be loaded because the execution of scripts is disabled on this system.”  – Execute below line on Power shell window and re-run Step 8
    Set-ExecutionPolicy -Scope CurrentUser Unrestricted
  11. Verify if keystore files are created in location which we provided . In my case – i checked at path – D:\SOLR\solr-6.6.2\server\etcBlog3_Image4
  12. Based on Next Steps from PS output of Step 9 – Open your solr.in.cmd file which should be inside bin folder of your SOLR installation folder. In my case its in – D:\SOLR\solr-6.6.2\bin\
  13. Search for below 4 lines in solr.in.cmd file , un-comment all 4 lines and save the changes.
    set SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks
    set SOLR_SSL_KEY_STORE_PASSWORD=secret
    set SOLR_SSL_KEY_STORE_TYPE=JKS
    set SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.jks
  14. Restart your SOLR Service from Service Manager.
  15. Check SOLR admin page – http URL- http://localhost:8983/solr/   – Yes this Page should not work now.
  16. Add an extra “s” – and open it securely – https://localhost:8983/solr/Blog3_Image7

With this I am done securing my SOLR Url and excited – as now I am ready to install Sitecore 9.

Happy Sitecoring !!

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s