The following steps describe how to import a certificate to crawl HTTPs site
- Access URL with the browser and download a copy of the certificate.
- Create folder on Aspire for the certificate. For example: data\ssl\certName.cer
- Run %JAVA_HOME%\bin\keytool -import -file data\ssl\certName.cer -keystore data\ssl\keyStore.ks
- On step 3, keytool program can be found on bin folder under Java installation path.
- Add to bin\aspire.bat:
On step 4, the password you specify here is asked on step 3 by keytool program.
To import multiple certificates (for different connectors) use -alias parameter in step 3
e.g. to import certificate from source site:
And to import certificate from Confluence site:
Important Note (known limitation):
If you set a wrong path or password you will receive a SSL exception (the trustAnchors parameter must be non-empty) and the crawl will not start. Also, in the case of you set those values by the connector configuration option, and you set an incorrect value and try to start a crawl,you will receive the exception, but if you change the values by the correct one and try again you will receive the exception again. The problem is that these are global settings so everything running in your JVM must use that truststore. You can't alter those system properties during runtime and expect those changes to take effect. Once you ask the JVM to make a secure connection, those system property values appear to be cached in the JVM and are used thereafter for the life of the JVM. So, you need to restart Aspire to the changes take effect.
If you configure a truststore file in Aspire, you need to also add the certificates located in the certs directory inside the config folder of the Aspire installation.