Jump to content

  • How to enable SSL for Nexus 3 and establish a https connection from JAC/TAC

    vchiem

    By vchiem

      • Version: v7 Product: Jaspersoft® ETL
     Share

    Issue:

    We have followed Talend's documentation on "Enabling SSL for Nexus 3" but we are still unable to set this up successfully. 

    What are the steps involved to enable SSL for Nexus 3 so that we can connect from TAC to Nexus Server using HTTPS connection ?

     

    Solution:

    For this scenario, the Nexus server resides on the same server as TAC and the Tomcat server was already set up with SSL. See Related Articles section below for a separate link to "How to enable HTTPS login for TAC"

    There are two phases:

    1. Set up SSL for Nexus server and ensure the browser can log into Nexus server under the configured https port 8441

    2. HTTPS connection from TAC to Nexus Server as specified in the Configuration Page

     

    Phase 1: Setting up Nexus Server for HTTPS Connection

    Steps:

1. Copy the keystore file (custom named as TibcoKey.bin) from the Tomcat server/conf directory into the <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-[OS]/nexus-3.9.0-01/etc/ssl folder

2. Edit the <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-[OS]/sonatype-work/nexus3/etc/nexus.properties file to add the ssl port and add the reference to the ssl configuration file (jetty-https.xml):
# Jetty section
application-port=8081
application-port-ssl=8441
application-host=0.0.0.0
nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-https.xml,${jetty.etc}/jetty-requestlog.xml
nexus-context-path=/

3. Edit the ssl configuration file <installation_path>/tac/Artifact-Repository-Nexus-3.9.0-01-win64/nexus-3.9.0-01/etc/jetty/jetty-https.xml for the certificate and password:
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="KeyStorePath"><Property name="ssl.etc"/>/TibcoKey.bin</Set>
<Set name="KeyStorePassword">Tibco123</Set>
<Set name="KeyManagerPassword">Tibco123</Set>

Note: Remove default references to the TrustStore path and password

4. Start Nexus and login using browser to Nexus HTTPS URL using SSL port.

     

    Phase 2: HTTPS connection from TAC to Nexus Server as specified in the Configuration Page

    Steps:

1. In Tomcat bin directory edit setenv.sh:

export JAVA_OPTS="$JAVA_OPTS -Djavax.net.debug=ssl
-Djavax.net.ssl.trustStore=<tomcat>/conf/TibcoKey.bin
-Djavax.net.ssl.trustStorePassword=Tibco123

Note: the -Djavax.net.debug=ssl can be omitted unless you want to enable vebose debugging for SSL 

2. Stop and Restart Tomcat and ensure it boots successfully.

3. Login to TAC under https and go to Configuration page. Ensure the https Nexus URL and port is correctly specified and test the connection

    Related Articles:

    Enabling SSL for Nexus 3: 

    https://help.talend.com/r/RSZ9cD4BsXjW~9P_jzXR_w/3n7LABLKHgbczuT~5M4OMA

    How to enable HTTPS login for JAC (TAC - Talend Administration Center): 

    https://community.jaspersoft.com/wiki/how-enable-https-login-jac-tac-talend-administration-center

     

     Share
    Go to entries

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore