keycloak-scim/server_installation/topics/operating-mode/crossdc/proc-setting-up-infinispan.adoc

56 lines
1.6 KiB
Text
Raw Normal View History

[id='setting-up-infinispan-{context}']
2021-01-29 15:05:00 +00:00
= Setting Up {jdgserver_name} Servers
For cross-site replication, you start by creating remote {jdgserver_name} clusters that can back up {project_name} data.
.Prerequisites
* Download and install {jdgserver_name} Server {jdgserver_version_latest}.
[NOTE]
====
{jdgserver_name} Server {jdgserver_version_latest} requires Java 11.
====
2021-01-29 15:05:00 +00:00
.Procedure
. Create a user to authenticate client connections from {jdgserver_name}, for example:
+
[source,bash,options="nowrap",subs=attributes+]
----
$ bin/cli.sh user create myuser -p "qwer1234!"
----
+
[NOTE]
====
You specify these credentials in the Hot Rod client configuration when you create remote caches on {project_name}.
====
+
2021-01-29 15:05:00 +00:00
. Create an SSL keystore and truststore to secure connections between {jdgserver_name} and {project_name}, for example:
.. Create a keystore to provide an SSL identity to your {jdgserver_name} cluster
+
[source,bash,options="nowrap",subs=attributes+]
----
keytool -genkey -alias server -keyalg RSA -keystore server.jks -keysize 2048
----
+
2021-01-29 15:05:00 +00:00
.. Export an SSL certificate from the keystore.
+
2021-01-29 15:05:00 +00:00
[source,bash,options="nowrap",subs=attributes+]
----
2021-01-29 15:05:00 +00:00
keytool -exportcert -keystore server.jks -alias server -file server.crt
----
+
.. Import the SSL certificate into a truststore that {project_name} can use to verify the SSL identity for {jdgserver_name}.
+
2021-01-29 15:05:00 +00:00
[source,bash,options="nowrap",subs=attributes+]
----
2021-01-29 15:05:00 +00:00
keytool -importcert -keystore truststore.jks -alias server -file server.crt
----
.. Remove `server.crt`.
+
[source,bash,options="nowrap",subs=attributes+]
----
2021-01-29 15:05:00 +00:00
rm server.crt
----