marklogicmarklogic-dhf

Cannot deploy to SSL on app server with DHF 5.2.1


In our environment we have a self-signed certificate template and the app servers on ports 8000, 8001, 8002, as well as our application app servers, are using that. We're using DHF 5.2.1.

When we try a deploy, it successfully deploys the database, app servers, and so on. Anything on ports 8000 or 8002 works fine. However, when it tries to use our app's final or staging ports, it fails (error messages below).

The gradle.properties file includes the following:

mlSimpleSsl=true
mlRestAuthentication=basic

The app server is using basic authentication with internal security. There are two errors we're seeing (sometimes one, sometimes the other).

* What went wrong:
Execution failed for task ':mlLoadModules'.
> Caught exception before writing was completed: java.net.SocketException: Connection reset by peer

or

* What went wrong:
Execution failed for task ':mlLoadModules'.
> Caught exception before writing was completed: java.net.SocketException: Connection reset by peer

Should mlSimpleSsl be sufficient here?


Solution

  • ml-data-hub doesn't honor mlSimpleSsl so it operates a little differently from ml-gradle and you won't need to use that property at all; instead you'll want to add (or they may already appear in gradle.properties commented-out) and set following properties:

    mlManageSimpleSsl=true
    mlManageScheme=https
    mlAdminSimpleSsl=true
    mlAdminScheme=https
    mlAppServicesSimpleSsl=true
    

    As well as the following, although you may want to add them to your environment-specific properties files:

    mlJobAuth=basic
    mlJobSimpleSsl=true
    
    mlFinalAuth=basic
    mlFinalSimpleSsl=true
    
    mlStagingAuth=basic
    mlStagingSimpleSsl=true
    

    You'll most likely need to change authentication to "basic" on those app servers, as well.