Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

How to publish (replicate) Global Trust Store and how to verify Global Trust Store is published on AEM 6.5 ?

Avatar

Level 2

Hi All,

Please can you advise best practice how to publish (replicate) Global Trust Store settings and how to verify that Global Trust Store is published on AEM 6.5 ?

Global Trust Store is accessible (on Author) via http://localhost:4502/libs/granite/security/content/truststore.html

Thank you for your time and advice.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

View solution in original post

4 Replies

Avatar

Correct answer by
Community Advisor

TrustStore location is /etc/truststore. I haven't tried to replicate or move via package but you may try that

Avatar

Employee
Just replicating /etc/truststore does not solve this You must copy the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to the other instance.

Avatar

Employee

Why would you want to replicate that out of curiosity?

 

Secondly, unless the hmac/master keys were physically copied from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) to this other instance day-0 then I wouldn't expect any cryptographic hash-functions to be able to sign. 

Avatar

Employee

Just replicating /etc/truststore does not solve this. You must copy the hmac/master keys files physically  from the filesystem (/crx-quickstart/launchpad/felix/bundle25/data) too to the other instance. So the steps are:

1. Replicate /etc/truststore

2. Copy the hmac/master keys files physically from the filesystem ( e.g. /crx-quickstart/launchpad/felix/bundle25/data) to all other publish instances