Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
SSL Installation on the mango cloud
-
Hi Graig!
Thanks for your response,I have created my keystore .jdk using windows key tool.and i pasted it in the directory as shown on the mango.i have not use a password to generate my key.
this is the link i got information from: https://forum.infiniteautomation.com/topic/3725/external-ip/7 -
Hi Jerry
Did you use a password when creating the keystore, not the key? The logs show Mango cannot access the keystore.
What did you put on this line in your env.properties:
ssl.keystore.password=morethan6characters -
Hi craigweb i did put : ssl.keystore.password=freetextpassword
-
@jmbayo said in SSL Installation on the mango cloud:
Caused by: java.security.UnrecoverableKeyException: Password verification failed
Your logs show that the password is not correct. You need to first test your password on the keystore.
-
this is the link i got information from: https://forum.infiniteautomation.com/topic/3725/external-ip/7
Did you use the keytool command exactly as it appears in this thread? If so, your keystore password would likely be
changei -
This post is deleted! -
I trust you got things sorted Jimmy? Welcome to message via chat as well if you have any concerns
Fox
-
Hi Jimmy
The process is as follows:
- Create a keystore.jks to hold your keys
- Import the certificate into the keystore.
- Move the keystore onto your cloud server.
- edit the env.properties folder to point to your keystore.
If any passwords were used on either the key or the certificate then add them to the env.properties file
-
This post is deleted! -
@craigweb Thanks. Let me try that, will let you know how it goes.
-
Hi all; the SSL is now working on my cloud. I thought I would share the procedure and challenges encountered.
Step 0.
Buy a genuine SSL certificate
Step 1.
Generate a CSR to request a certificate from a recognised CA
Step 2
Generate a file.jks; on my case I used keystore explore to create a keystore.jks and load all my certificate in it.
Setp 3
I then imported it into my mango /opt/mango/overrides/properties
Challenges:
After all these steps, when I edited my env file to activate the SSL, my web page couldn’t be access. The issue was on my env file, I didn’t uncommented the ssl.key.password. I followed the instruction for using certbot which was not the right one for my case. The right is on support under configurationinstallation- ssl.on=true
- ssl.port=443
- ssl.keystore.location=[YOUR FULL MANGO PATH HERE]/overrides/keystore.jks
- ssl.keystore.password=[leave empty if you didn’t use a password]
- ssl.key.password=[leave empty if you didn’t use a password] (Note that this need to be uncommented as it is initially commented out)
Then I restarted mango, and that’s it
