Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

How to publish (replicate) Global Trust Store and how to verify Global Trust Store is published on AEM 6.5 ?

Avatar

Avatar
Validate 1
Level 2
RobertBailey1
Level 2

Likes

4 likes

Total Posts

19 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 1
View profile

Avatar
Validate 1
Level 2
RobertBailey1
Level 2

Likes

4 likes

Total Posts

19 posts

Correct Reply

1 solution
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 1
View profile
RobertBailey1
Level 2

25-03-2020

Hi All,

Please can you advise best practice how to publish (replicate) Global Trust Store settings and how to verify that Global Trust Store is published on AEM 6.5 ?

Global Trust Store is accessible (on Author) via http://localhost:4502/libs/granite/security/content/truststore.html

Thank you for your time and advice.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Give back 300
MVP
Gaurav-Behl
MVP

Likes

243 likes

Total Posts

1,145 posts

Correct Reply

281 solutions
Top badges earned
Give back 300
Give Back 50
Give Back 5
Give Back 3
Give Back 25
View profile

Avatar
Give back 300
MVP
Gaurav-Behl
MVP

Likes

243 likes

Total Posts

1,145 posts

Correct Reply

281 solutions
Top badges earned
Give back 300
Give Back 50
Give Back 5
Give Back 3
Give Back 25
View profile
Gaurav-Behl
MVP

25-03-2020

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

Answers (2)

Answers (2)

Avatar

Avatar
Ignite 1
Employee
aemmarc
Employee

Likes

184 likes

Total Posts

243 posts

Correct Reply

92 solutions
Top badges earned
Ignite 1
Give Back 50
Give Back 5
Give Back 3
Give Back 25
View profile

Avatar
Ignite 1
Employee
aemmarc
Employee

Likes

184 likes

Total Posts

243 posts

Correct Reply

92 solutions
Top badges earned
Ignite 1
Give Back 50
Give Back 5
Give Back 3
Give Back 25
View profile
aemmarc
Employee

27-03-2020

Why would you want to replicate that out of curiosity?

 

Secondly, unless the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to this other instance day-0 then I wouldn't expect any cryptographic hash-functions to be able to sign. 

Avatar

Avatar
Give Back 3
Employee
vivekanand-mishra
Employee

Likes

9 likes

Total Posts

12 posts

Correct Reply

1 solution
Top badges earned
Give Back 3
Give Back
Boost 5
Boost 3
Boost 1
View profile

Avatar
Give Back 3
Employee
vivekanand-mishra
Employee

Likes

9 likes

Total Posts

12 posts

Correct Reply

1 solution
Top badges earned
Give Back 3
Give Back
Boost 5
Boost 3
Boost 1
View profile
vivekanand-mishra
Employee

16-09-2020

Just replicating /etc/truststore does not solve this. You must copy the hmac/master keys files physically  from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) too to the other instance. So the steps are:

1. Replicate /etc/truststore

2. Copy the hmac/master keys files physically from the filesystem ( e.g. /crx-quickstart/launchpad/felix/bundle25/data) to all other publish instances