Versions Compared

Old Version 8

changes.mady.by.user Unknown User (eotoole@mit.edu)

Saved on

compared with

New Version 9

changes.mady.by.user Unknown User (eotoole@mit.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Ops folks who need to setup or debug MOVES in Development, Test or Production
  • MOVES Developers. Ie ; ie developers who are maintaining moves itself, and need to stand up a Debug/Build environment.

Anchor
Trustores and Keystores
Trustores and Keystores

Truststores and Keystores

The trust store for Moves (serverTrustStore.jks) must include the MIT Certificate Authority. The keystore (moves-test.jks or moves.jks on production) is required to access the roles database.

The difference between how ops deploys a container and how developers deploy a container is restricted to the location of the serverTrustStore and application key store.

Tip
titleLocation of the application key store and the server trust store for DEVELOPERS

A copy of the server trust store is located here: serverTrustStore.jks
A copy of the development key store is located here: moves-test.jks

These are valid at the time of writing for developing moves. If they expire, new copies can be obtained from the ops team. Please see your team lead for details.

serverTrustStore.jks and moves-test.jks should be copied to the folder keystores in your home folder. On Windows, this would typically be
C:/Users/your-user-name/keystores/. On Unix/Linux, this would be /home/your-user-name/keystores.

Tip
titleLocation of the application key store and the server trust store for OPS

The standard location for the truststore and keystore are

  • Trust Store: ${OC4J installation Directory}/j2ee/home/config/serverTrustStore.jks
  • Key Store: ${OC4J installation Directory}/j2ee/home/config/moves-test.jks (Test/Development) OR ${OC4J installation Directory}/j2ee/home/config/moves.jks (Production)

default-web-site.xml

In your ${OC4J Install Dir}/j2ee/home/config folder, there should be a file called default-web-site.xml, that looks something like this:

...

  • Development - sky-app-1
  • Production - sea-app-1
    Moves should be configured on a standalone container and NOT ON A CLUSTER. The code is not cluster safe due to scheduling and log file restrictions.

...

Truststores and Keystores

The trustore for Moves must include the MIT Certificate Authority. The keystore requirements are the same as for any other apps. (The keystore is required to access the roles database).
The standard location for the truststore and keystore are

  • Trust Store: ${OC4J installation Directory}/j2ee/home/config/serverTrustStore.jksKey Store: ${OC4J installation Directory}/j2ee/home/config/moves-test.jks (Test/Development) OR ${OC4J installation Directory}/j2ee/home/config/moves.jks (Production)

Properties file

A commented properties file is included below. Developers are encouraged to change server trust store to the values in the Trustores and Keystores section above.

...