Follow the steps in Section 5.3, “Creating Suitable Certificates” to create JGroups and TLS certificates.
Transfer the generated certificates to the same path on all hosts.
Update your configuration to specify these certificates and the keystore password:
java-tls-keystore-path=/etc/tungsten/secure/tungsten_tls_keystore.jks
java-jgroups-keystore-path=/etc/tungsten/secure/tungsten_jgroups_keystore.jceks
java-keystore-password=mykeystorepass
Transfer the generated certificates to the same path on all hosts using your preferred method.
Available as of Version 7.1.0, the tpm copy command can copy the generated files to all hosts for you if you have password-less SSH configured to all nodes.
## Perform a dry-run pass (-n) to test SSH ## and display the commands that would have been run ## to copy the generated files shell>tpm copy --gen -n
## Copy the generated files ## and display the command executed (-x) shell>tpm copy --gen -x
Update your configuration to specify these certificates and the keystore password:
If you used the tpm cert command (available as of
v7.1.0) to generate files for you, they will be located in the
$CONTINUENT_ROOT/generated
directory by
default.
java-tls-keystore-path=/opt/continuent/generated/tungsten_tls_keystore.jks
java-jgroups-keystore-path=/opt/continuent/generated/tungsten_jgroups_keystore.jceks
java-keystore-password=mykeystorepass