Keep SSL Certificates and Settings on Update

Got an idea? Missing something? Post your feature request here.
Posts: 36
Joined: 09 Feb 2015, 23:30
Has thanked: 5 times
Been thanked: 15 times

Keep SSL Certificates and Settings on Update

Unread post by KaeTuuN » 20 Oct 2017, 12:38

Well... The Title says it all.

It would be great, if you don't loose the SSL settings made in on every update!


Posts: 8
Joined: 17 May 2017, 12:13
Has thanked: 1 time
Been thanked: 4 times

Re: Keep SSL Certificates and Settings on Update

Unread post by mplogas » 22 Oct 2017, 16:40

Regarding SSL Certs, I patched the file. The only thing I need to do on every update is running a diff between the provided and mine (and enhance mine accordingly).

Now, how did I do that:
Create a JKS and put your key in it. Remember the password, for obvious reasons. It should have a single alias:

Code: Select all

root@media:/usr/home/marc # keytool -list -keystore /usr/local/madsonic/madsonic.jks
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

madsonic, May 2, 2017, PrivateKeyEntry,
Certificate fingerprint (SHA1): omitted
Refer to this handy cheat sheet for common Java keytool commands

Now, add two more variables to the shell script:

Code: Select all

Next, add both things to the parse arguments part, in case you'd like to provide the keystore and password via commandline. Also, enhance the help output accordingly. However, this is optional.

the following step is mandatory, and the important one. Look for following line

Code: Select all

below that line, you can find a couple of JVM arguments, that are provided to the runtime when the WAR starts. Add the following two lines

Code: Select all

 -Dmadsonic.ssl.keystore=${MADSONIC_DEFAULT_KEYSTORE} \
 -Dmadsonic.ssl.password=${MADSONIC_DEFAULT_KEYSTORE_PASSWORD} \
That's it. this will keep your certs in the JKS you provided. You should also use this approach if you want to use a valid cert.
(Maybe @madsonic can add this patch to the next release)

These users thanked the author mplogas for the post:

Post Reply