Issue:
We have followed Talend's documentation on "Enabling SSL for Nexus 3" but we are still unable to set this up successfully.
What are the steps involved to enable SSL for Nexus 3 so that we can connect from TAC to Nexus Server using HTTPS connection ?
Solution:
For this scenario, the Nexus server resides on the same server as TAC and the Tomcat server was already set up with SSL. See Related Articles section below for a separate link to "How to enable HTTPS login for TAC"
There are two phases:
1. Set up SSL for Nexus server and ensure the browser can log into Nexus server under the configured https port 8441
2. HTTPS connection from TAC to Nexus Server as specified in the Configuration Page
Phase 1: Setting up Nexus Server for HTTPS Connection
Steps: 1. Copy the keystore file (custom named as TibcoKey.bin) from the Tomcat server/conf directory into the <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-[OS]/nexus-3.9.0-01/etc/ssl folder 2. Edit the <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-[OS]/sonatype-work/nexus3/etc/nexus.properties file to add the ssl port and add the reference to the ssl configuration file (jetty-https.xml): # Jetty section application-port=8081 application-port-ssl=8441 application-host=0.0.0.0 nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-https.xml,${jetty.etc}/jetty-requestlog.xml nexus-context-path=/ 3. Edit the ssl configuration file <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-win64/nexus-3.9.0-01/etc/jetty/jetty-https.xml for the certificate and password: <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> <Set name="KeyStorePath"><Property name="ssl.etc"/>/TibcoKey.bin</Set> <Set name="KeyStorePassword">Tibco123</Set> <Set name="KeyManagerPassword">Tibco123</Set> Note: Remove default references to the TrustStore path and password 4. Start Nexus and login using browser to Nexus HTTPS URL using SSL port.
Phase 2: HTTPS connection from TAC to Nexus Server as specified in the Configuration Page
Steps: 1. In Tomcat bin directory edit setenv.sh: export JAVA_OPTS="$JAVA_OPTS -Djavax.net.debug=ssl -Djavax.net.ssl.trustStore=<tomcat>/conf/TibcoKey.bin -Djavax.net.ssl.trustStorePassword=Tibco123 Note: the -Djavax.net.debug=ssl can be omitted unless you want to enable vebose debugging for SSL 2. Stop and Restart Tomcat and ensure it boots successfully. 3. Login to TAC under https and go to Configuration page. Ensure the https Nexus URL and port is correctly specified and test the connection
Related Articles:
Enabling SSL for Nexus 3:
https://help.talend.com/r/RSZ9cD4BsXjW~9P_jzXR_w/3n7LABLKHgbczuT~5M4OMA
How to enable HTTPS login for JAC (TAC - Talend Administration Center):
https://community.jaspersoft.com/wiki/how-enable-https-login-jac-tac-talend-administration-center
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now