yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-12-29 08:29:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add extra step required when configuring SSL (#8078)

Browse Source
This commit is contained in:
Nahuel 2022-10-11 09:56:27 +02:00 committed by GitHub
parent 3b7f576d04
commit 0393b75eab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
openmetadata-docs/content/deployment/security/enable-ssl/openmetadata-server.md
View File

@ -91,3 +91,18 @@ Click on `Trust` to open and set `Always Trust`:
Once the above steps are finished, all the browsers will allow you to visit the OpenMetadata server using HTTPS.
However, you'll still a warning in the address bar. All of these steps are not necessary with an X509 certificate issued
by a trusted authority and one should always use that in production.
### Import public cert into Java Keystore
This step is required in case you have configured a `bot` with a JWT Token as authentication mechanism and your server
has SSL enabled.
From your terminal:
1. Go to your $JAVA_HOME/lib/security where the **cacerts** keystore is located.
2. Run the following command once in the directory:
```bash
keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias localhost -file /path/to/public.cert
```