Expand my Community achievements bar.

SOLVED

How to publish (replicate) Global Trust Store and how to verify Global Trust Store is published on AEM 6.5 ?

Avatar

Level 2

Hi All,

Please can you advise best practice how to publish (replicate) Global Trust Store settings and how to verify that Global Trust Store is published on AEM 6.5 ?

Global Trust Store is accessible (on Author) via http://localhost:4502/libs/granite/security/content/truststore.html

Thank you for your time and advice.

1 Accepted Solution

Avatar

Correct answer by
Level 10

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

View solution in original post

4 Replies

Avatar

Correct answer by
Level 10

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

Avatar

Employee Advisor
Just replicating /etc/truststore does not solve this You must copy the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to the other instance.

Avatar

Employee

Why would you want to replicate that out of curiosity?

 

Secondly, unless the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to this other instance day-0 then I wouldn't expect any cryptographic hash-functions to be able to sign. 

Avatar

Employee Advisor

Just replicating /etc/truststore does not solve this. You must copy the hmac/master keys files physically  from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) too to the other instance. So the steps are:

1. Replicate /etc/truststore

2. Copy the hmac/master keys files physically from the filesystem ( e.g. /crx-quickstart/launchpad/felix/bundle25/data) to all other publish instances