Info |
---|
Valid from Datafari 5.1 (Datafari CE and EE) |
Info |
---|
Use this only for specific use cases. This option is not recommended. |
Datafari is launched by default in HTTPS: to access to Datafari the url is : https://IP_DATAFARI/Datafari
The certificate is autosigned. You can easily replace it by a “real” one. In some situations, you might want to launch Datafari into HTTP rather than HTTPS (for instance in case you already have a reverse proxy in front of your Datafari installation, you do not have real certificates and you do not want that your users see the warning in their browser about autosigned certificate).
The process is :
Backup the configuration in place for Apache proxy :
Code Block |
---|
cp /opt/datafari/apache/sites-available/tomcat.conf /opt/datafari/apache/sites-available/tomcat.bkp |
Edit the configuration of Apache :
Code Block |
---|
nano /opt/datafari/apache/sites-available/tomcat.conf |
Delete the lines related to the VirtualHost 80
Code Block |
---|
<VirtualHost *:80>
ServerName $YOURSERVERNAME
Redirect / https://YOURSERVER
CustomLog /dev/null common
Header set X-Frame-Options SAMEORIGIN
</VirtualHost> |
Code Block |
---|
<VirtualHost *:443> |
to :
Code Block |
---|
<VirtualHost *:80> |
Finally remove the lines :
Code Block |
---|
SSLEngine on
SSLCertificateFile /opt/datafari/ssl-keystore/apache/datafari.crt
SSLCertificateKeyFile /opt/datafari/ssl-keystore/apache/datafari.key |
You can save and close the file.
3. Apply the new configuration :
Code Block |
---|
apachectl restart |
...
Expand |
---|
title | Valid from Datafari 4.4 up to Datafari |
---|
|
...
|
Info |
---|
Valid from Datafari 4.4 up to Datafari 5 for Enterprise Edition |
Info |
---|
Use this only for specific use cases. This option is not recommended. |
Datafari is launched by default in HTTPS ie to access to Datafari the url is : https://IP_DATAFARI:443/Datafari The certificate is autosigned and you can easily replace it by a “real” one. For rare cases, you might want to launch Datafari into HTTP and not HTTPS (you already have a reverse proxy in front of your Datafari installation, you do not have real certificates and you do not want that your users see the warning in their browser about autosigned certificate). The process is : Backup the configuration in place for Apache proxy :
Code Block |
---|
mv /opt/datafari/apache/sites-available/tomcat.conf /opt/datafari/apache/sites-available/tomcat.bkp |
Copy the configuration for HTTP :
Code Block |
---|
cp /opt/datafari/bin/deployUtils/docker/tomcat.conf /opt/datafari/apache/sites-available/ |
Apply the new configuration :
Code Block |
---|
apachectl restart |
|
...
Expand |
---|
title | Valid from 4.0 to 4.2 for Enterprise Edition |
---|
|
Info |
---|
Valid from 4.0 to 4.2 for Enterprise Edition |
The documentation below is valid from Datafari v4.0.0 to 4.2 To disable the SSL protocol in Datafari, follow these steps: Execute the following command: Code Block |
---|
/opt/datafari/solr/server/scripts/cloud-scripts/zkcli.sh -zkhost localhost:2181 -cmd clusterprop -name urlScheme -val http |
Stop Datafari Edit the file /opt/datafari/tomcat/webapps/Datafari/WEB-INF/web.xml and comment these lines:
Code Block |
---|
<!-- Force HTTPS on All Datafari -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Datafari</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint> |
Edit the file /opt/datafari/solr/bin/solr.in.sh and comment these lines (put a '#' in front of them):
Code Block |
---|
SOLR_SSL_KEY_STORE=${DATAFARI_HOME}/ssl-keystore/datafari-keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=DataFariAdmin
SOLR_SSL_TRUST_STORE=${DATAFARI_HOME}/ssl-keystore/datafari-keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=DataFariAdmin
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false |
Edit the file /opt/datafari/tomcat/conf/solr.properties and set the parameter SOLRPROTOCOL to 'http':
Code Block |
---|
SOLRPROTOCOL=http |
Edit the file /opt/datafari/tomcat/conf/datafari.properties and set the parameter SOLRHOSTS to 'localhost:2181': Code Block |
---|
SOLRHOSTS=localhost:2181 |
Edit the file /opt/datafari/elk/kibana/config/kibana.yml and comment the following lines:
Code Block |
---|
server.ssl.enabled: true
server.ssl.certificate: /opt/datafari/ssl-keystore/datafari-cert.pem
server.ssl.key: /opt/datafari/ssl-keystore/datafari-key.pem |
Start Datafari Go to the admin interface, Statistics/ELK configuration and change the Kibana URI parameter to use http instead of https: http://127.0.0.1:5601/app/kibana
|