I need to use SSL in my Master/Slave Solr 6.6.2 environment. This is Solr on Windows as the governance requires all servers to be Windows.
I had created a localhost SSL Cert on the Master (works on the Master because it’s local), but this won’t work for the Slave which has replication based on the IP of the Master server. I then changed it to a self-signed cert that uses the machine name which seems to be a better fit for accessing the site.
However, I can't get replication to work when using SSL/HTTPS. It throws IO Communication errors as it can’t resolve the https connection to a localhost certificate on the Master. The error is as follows:
Master at: https://mastercomputername:8983/solr/core_index is not available. Index fetch failed by exception: org.apache.solr.common.SolrException: IOException occured when talking to server at: https://mastercomputername:8983/solr/core_index
Is there a setting in Solr I need to enable to allow replication to occur over HTTPS? I already installed the machine named cert from the Master server on the Slave server and set the Solr.in to accept SSL as follows:
REM Uncomment to set SSL-related system properties
REM Be sure to update the paths to the correct keystore for your environment
set SOLR_SSL_KEY_STORE=D:\Solr\solr-6.6.2\server\etc\solr-ssl.keystore.pfx
set SOLR_SSL_KEY_STORE_PASSWORD=secret
REM set SOLR_SSL_KEY_STORE_TYPE=JKS
set SOLR_SSL_TRUST_STORE=D:\Solr\solr-6.6.2\server\etc\solr-ssl.keystore.pfx
set SOLR_SSL_TRUST_STORE_PASSWORD=secret
REM set SOLR_SSL_TRUST_STORE_TYPE=JKS
REM set SOLR_SSL_NEED_CLIENT_AUTH=false
REM set SOLR_SSL_WANT_CLIENT_AUTH=false
I am thinking that Solr is not listening on 443... or that because it is a self-signed certificate, Java is rejecting it.
