How to Setup SSL for XL Release


Phil -

This assumes you don't already have a cert. If you do, please skip step 1.

1) create a private key and cert

openssl req -newkey rsa:2048 -x509 -keyout xlrKey.pem -out xlrCert.pem -days 3650

2) create a keystore

If you can, run this command below to use the java utility to create a keystore. IMPORTANT: the alias of the store needs to be jetty

java utils.ImportPrivateKey -keystore xlrKeystore.jks -storepass password -keyfilepass password -certfile xlrCert.pem -keyfile xlrKey.pem -alias jetty

If that fails, then create a PKCS12 keystore and convert it to a JKS

openssl pkcs12 -export -in xlrCert.pem -inkey xlrKey.pem -out xlrKeystore.p12 -name jetty

3) add your cert to the keystore

keytool -importkeystore -destkeystore xlrKeystore.jks -deststorepass password -srckeystore xlrKeystore.p12 -srcstoretype PKCS12 -srcstorepass password

4) edit conf to use the keystore - add .jks file to `XLR_HOME/conf`
5) add the following to your `XLR_HOME/conf/xl-release-server.conf`

ssl=true #set this to true

Have more questions? Submit a request