Well... The Title says it all.
It would be great, if you don't loose the SSL settings made in madsonic.sh on every update!
Greetings
Kae
Keep SSL Certificates and Settings on Update
Re: Keep SSL Certificates and Settings on Update
Regarding SSL Certs, I patched the madsonic.sh file. The only thing I need to do on every update is running a diff between the provided madsonic.sh and mine (and enhance mine accordingly).
Now, how did I do that:
Create a JKS and put your key in it. Remember the password, for obvious reasons. It should have a single alias:
Refer to this handy cheat sheet for common Java keytool commands
Now, add two more variables to the shell script:
Next, add both things to the parse arguments part, in case you'd like to provide the keystore and password via commandline. Also, enhance the help output accordingly. However, this is optional.
the following step is mandatory, and the important one. Look for following line
below that line, you can find a couple of JVM arguments, that are provided to the runtime when the WAR starts. Add the following two lines
That's it. this will keep your certs in the JKS you provided. You should also use this approach if you want to use a valid cert.
(Maybe @madsonic can add this patch to the next release)
Hth,
Marc
Now, how did I do that:
Create a JKS and put your key in it. Remember the password, for obvious reasons. It should have a single alias:
Code: Select all
root@media:/usr/home/marc # keytool -list -keystore /usr/local/madsonic/madsonic.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
madsonic, May 2, 2017, PrivateKeyEntry,
Certificate fingerprint (SHA1): omitted
Now, add two more variables to the shell script:
Code: Select all
MADSONIC_DEFAULT_KEYSTORE_PASSWORD=password
MADSONIC_DEFAULT_KEYSTORE=/usr/local/madsonic/madsonic.jks
the following step is mandatory, and the important one. Look for following line
Code: Select all
${JAVA} -Xms${MADSONIC_INIT_MEMORY}m -Xmx${MADSONIC_MAX_MEMORY}m \
Code: Select all
-Dmadsonic.ssl.keystore=${MADSONIC_DEFAULT_KEYSTORE} \
-Dmadsonic.ssl.password=${MADSONIC_DEFAULT_KEYSTORE_PASSWORD} \
(Maybe @madsonic can add this patch to the next release)
Hth,
Marc