Aspire 4.0 (Hawthorn)

Page tree
Skip to end of metadata
Go to start of metadata

To crawl over https you'll need to import a certificate from your repository into aspire - see here Configuring a Certificate Store

The following steps describe how to import a certificate to crawl HTTPs site

  1. Access URL with the browser and download a copy of the certificate.
  2. Create folder on Aspire for the certificate. For example: data\ssl\certName.cer
  3. Run %JAVA_HOME%\bin\keytool -import -file data\ssl\certName.cer -keystore data\ssl\keyStore.ks
    1. On step 3, keytool program can be found on bin folder under Java installation path.
  4. Add to bin\aspire.bat:
-Djavax.net.ssl.trustStore=C:\pathToKeyStore\keyStore.ks
-Djavax.net.ssl.trustStorePassword=password

On step 4, the password you specify here is asked on step 3 by keytool program.

To import multiple certificates (for different connectors) use -alias parameter in step 3

e.g. to import certificate from source site: 

%JAVA_HOME%\bin\keytool -import -file data\ssl\spCertName.cer -alias source -keystore data\ssl\keyStore.ks

And to import certificate from Confluence site:

%JAVA_HOME%\bin\keytool -import -file data\ssl\confluenceCertName.cer -alias confluence -keystore data\ssl\keyStore.ks



Important Note (known limitation):

  If you set a wrong path or password you will receive a SSL exception (the trustAnchors parameter must be non-empty) and the crawl will not start. Also, in the case of you set those values by the connector configuration option, and you set an incorrect value and try to start a crawl,you will receive the exception, but if you change the values by the correct one and try again you will receive the exception again. The problem is that these are global settings so everything running in your JVM must use that truststore. You can't alter those system properties during runtime and expect those changes to take effect. Once you ask the JVM to make a secure connection, those system property values appear to be cached in the JVM and are used thereafter for the life of the JVM. So, you need to restart Aspire to the changes take effect.

3.3 Only

If you configure a truststore file in Aspire, you need to also add the certificates located in the certs directory inside the config folder of the Aspire installation.

  • No labels