sslhttpspentahokettle

How to configure Pentaho Carte to accept HTTPS request instead of HTTP


I have a requirement where Pentaho Carte server needs to accept "HTTPS" instead of the default "HTTP".

I have followed the following link but to no avail:

https://help.pentaho.com/Documentation/6.0/0L0/0Y0/060/060/010#Configuring_Carte_Servers_for_SSL

Following are the steps I followed:

  1. Using the Keytool I created a .jks file using the following command:

    keytool -genkey -keyalg RSA -alias selfsigned -keystore   C:\KEY_STORE\Pentaho\keystore.jks -storepass password -validity 360 -keysize 2048
    
  2. I edited the carte_config_master-8080.xml file on my system which now looks as:

    <slaveserver>
        <name>master1</name>
        <hostname>10.67.110.93</hostname>
        <port>8080</port>
        <master>Y</master>
        <sslConfig>
            <keyStore>C:\KEY_STORE\Pentaho</keyStore>
            <keyStorePassword>password</keyStorePassword>
            <keyPassword>password</keyPassword>
        </sslConfig>
    </slaveserver>
    

    As can be seen I have created the .jks file and mentioned its location in carte-config-master-8080.xml.

  3. I am invoking Carte as:

    C:\software\pdi-ce-5.4.0.1-130\data-integration>Carte.bat carte-config-master-8080.xml
    DEBUG: Using PENTAHO_JAVA_HOME
    DEBUG: _PENTAHO_JAVA_HOME=C:\Program Files\Java\jre7
    DEBUG: _PENTAHO_JAVA=C:\Program Files\Java\jre7\bin\java.exe
    
  4. Carte is getting invoked but it is not accepting "HTTPS", I guess because of following error:

    validation.properties could not be loaded by any means. fail. Exception was: java.lang.IllegalArgume
    classloader resource.
    SecurityConfiguration for Logger.LogServerIP not either "true" or "false" in ESAPI.properties. Using
    2017/02/02 15:33:31 - Carte - Using SSL mode
    2017/02/02 15:33:31 - Carte - Created listener for webserver @ address : 10.67.110.93:8080
    Exception in thread "main" java.lang.reflect.InvocationTargetException
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
            at java.lang.reflect.Method.invoke(Unknown Source)
            at org.pentaho.commons.launcher.Launcher.main(Launcher.java:92)
    Caused by: java.io.FileNotFoundException: C:\KEY_STORE\Pentaho (Access is denied)
            at java.io.FileInputStream.open(Native Method)
            at java.io.FileInputStream.<init>(Unknown Source) 
    

    It can be clearly seen that the folder where the key is saved is inaccessible. I have given full access rights to the folder.

P.S. - Working on Pentaho Kettle Community Edition 5.4 & Windows 7

Any suggestions?


Solution

  • Looks like there is a mistake in documentation.

    line

    <keyStore>C:\KEY_STORE\Pentaho</keyStore> 
    

    Documentaion states

    keyStore  | Path to the keystore **file**.  | Yes
    

    Important part is "...file..."

    Try to replace with

    <keyStore>C:\KEY_STORE\Pentaho\keystore.jks</keyStore> 
    

    And as well i would prefer to use backslash

    <keyStore>C:/KEY_STORE/Pentaho/keystore.jks</keyStore>