Service User with Keystore - importing via a package half-fails

Avatar

Avatar

fionas76543059

Avatar

fionas76543059

fionas76543059

18-11-2020

Hi folks,

On the Author instance in the Stage environment, I created a Service User and added a Keystore that I created via open_ssl.

I used the ACL Packager program to build a package with my service user principal

and its permissions and keystore. I then replicated the package to the publish servers and it all worked fine. 

 

 

consult.png

 

However when I came to import the package on the Prod environment Author, I

was not so successful.

 

From the useradmin screen, it looked fine.

consult2.png

 

The system user was there with all the permissions and the keystore.

But, when I had a look at the security screen, no keystore was recognized...

 

 

consult3.png

 

So importing the service user and its keystore via package didn't work for me.

Unfortunately, I am supposed to use Packages exclusively on the Prod environment

so I'm a bit stumped.

Any suggestions ?

thanks

Fiona

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

fionas76543059

Avatar

fionas76543059

fionas76543059

19-11-2020

I'll answer my own question as it got worked out eventually.

 

It seems that the service-user+keystore package that I created in the lower environments didn't import properly into the Prod environment Author due to security checks.

In the end, I created the system user manually using crx/explorer/index.jsp in the Prod Author environment, uploaded the keystore file (from security/users.html) , made sure  /home/users/system/blah...  directory was ticked for all permissions incl replications. (useradmin)

Then I created an ACL Packager packer with the system user, and its principal, built the package and replicated to publish servers. This seemed to work o.k. at  least the keystore information showed up correctly when I viewed it from (security/users.html)

Answers (1)

Answers (1)

Avatar

Avatar

Ankur_Khare

MVP

Avatar

Ankur_Khare

MVP

Ankur_Khare
MVP

19-11-2020

Its because of the import , some time you need to delete the keystore from the user and recreate the key it works fine.