How to publish (replicate) Global Trust Store and how to verify Global Trust Store is published on AEM 6.5 ?

Avatar

Avatar

RobertBailey1

Avatar

RobertBailey1

RobertBailey1

25-03-2020

Hi All,

Please can you advise best practice how to publish (replicate) Global Trust Store settings and how to verify that Global Trust Store is published on AEM 6.5 ?

Global Trust Store is accessible (on Author) via http://localhost:4502/libs/granite/security/content/truststore.html

Thank you for your time and advice.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Gaurav-Behl

MVP

Avatar

Gaurav-Behl

MVP

Gaurav-Behl
MVP

25-03-2020

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

Answers (2)

Answers (2)

Avatar

Avatar

aemmarc

Employee

Avatar

aemmarc

Employee

aemmarc
Employee

27-03-2020

Why would you want to replicate that out of curiosity?

 

Secondly, unless the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to this other instance day-0 then I wouldn't expect any cryptographic hash-functions to be able to sign. 

Avatar

Avatar

vivekanand-mishra

Employee

Avatar

vivekanand-mishra

Employee

vivekanand-mishra
Employee

16-09-2020

Just replicating /etc/truststore does not solve this. You must copy the hmac/master keys files physically  from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) too to the other instance. So the steps are:

1. Replicate /etc/truststore

2. Copy the hmac/master keys files physically from the filesystem ( e.g. /crx-quickstart/launchpad/felix/bundle25/data) to all other publish instances