keycloak-scim/server_installation/topics/operating-mode/crossdc/proc-setting-up-infinispan.adoc
andymunro cb730556a7
KEYCLOAK-15291 Addressing review comments. (#1201)
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-11-10 12:39:43 +01:00

55 lines
1.6 KiB
Text

[id='setting-up-infinispan-{context}']
= Setting Up {jdgserver_name} Servers
For cross-site replication, you start by creating remote {jdgserver_name} clusters that can back up {project_name} data.
.Prerequisites
* Download and install {jdgserver_name} Server {jdgserver_version_latest}.
[NOTE]
====
{jdgserver_name} Server {jdgserver_version_latest} requires Java 11.
====
.Procedure
. Create a user to authenticate client connections from {jdgserver_name}, for example:
+
[source,bash,options="nowrap",subs=attributes+]
----
$ bin/cli.sh user create myuser -p "qwer1234!"
----
+
[NOTE]
====
You specify these credentials in the Hot Rod client configuration when you create remote caches on {project_name}.
====
+
. Create an SSL keystore and truststore to secure connections between {jdgserver_name} and {project_name}, for example:
.. Create a keystore to provide an SSL identity to your {jdgserver_name} cluster
+
[source,bash,options="nowrap",subs=attributes+]
----
keytool -genkey -alias server -keyalg RSA -keystore server.jks -keysize 2048
----
+
.. Export an SSL certificate from the keystore.
+
[source,bash,options="nowrap",subs=attributes+]
----
keytool -exportcert -keystore server.jks -alias server -file server.crt
----
+
.. Import the SSL certificate into a truststore that {project_name} can use to verify the SSL identity for {jdgserver_name}.
+
[source,bash,options="nowrap",subs=attributes+]
----
keytool -importcert -keystore truststore.jks -alias server -file server.crt
----
.. Remove `server.crt`.
+
[source,bash,options="nowrap",subs=attributes+]
----
rm server.crt
----