Monday, April 4, 2011

OpenAM 9.5.2 CLI Configuration

I was trying to install a new install of OpenAM 9.5.2 for a POC using the GUI Configurator. (Read here)

The problem then was the embedded OpenDS 2.3 will always create a Administrator Connector Self-Signed Certificate using the hostname. If this hostname is not defined in /etc/hosts, configuration will bomb.

ERROR: AMSetupServlet.configure: error
org.opends.server.types.InitializationException: The administration connector self-signed certificate cannot be generated because the following error occurred: openam: openam
at org.opends.server.admin.AdministrationConnector.handleCertifExceptions(AdministrationConnector.java:776)
at org.opends.server.admin.AdministrationConnector.createSelfSignedCertifIfNeeded(AdministrationConnector.java:757)
at org.opends.server.admin.AdministrationConnector.initializeAdministrationConnector(AdministrationConnector.java:181)


Today, I tried to find out whether or not this can be workaround by using CLI configuration.


SERVER_URL=http://openam.sg.azlabs:9080
DEPLOYMENT_URI=/openam71
BASE_DIR=/home/openam952/openam71
locale=en_US
PLATFORM_LOCALE=en_US
AM_ENC_KEY=wKO7mExvCqVXETTtsgU4HgtvqBXrFzSW
ADMIN_PWD=password
AMLDAPUSERPASSWD=amldapuser
COOKIE_DOMAIN=.sg.azlabs


DATA_STORE=embedded
DIRECTORY_SSL=SIMPLE
DIRECTORY_SERVER=openam.sg.azlabs
DIRECTORY_PORT=51389
DIRECTORY_ADMIN_PORT=8888
DIRECTORY_JMX_PORT=1689
ROOT_SUFFIX=dc=opensso,dc=java,dc=net
DS_DIRMGRDN=cn=Directory Manager
DS_DIRMGRPASSWD=password


## Leave (blank) will default to embedded DATA_STORE
USERSTORE_TYPE=


No use.

The OpenDS is still trying to create the Administrator Connector Self-Signed Certificate using the hostname.

By the way, in OpenAM 9.5.2, with the upgrade of OpenDS from 1.x to 2.3, the following 2 attribute-value pairs are required:


DIRECTORY_ADMIN_PORT=8888
DIRECTORY_JMX_PORT=1689


Quite a painful experience as the documentation wasn't there. I had to read the source code and trace what was required by the configurator.



For those interested, I was looking at the method runOpenDSSetup (...) in EmbeddedOpenDS.java

setupCmd[2] = (String) map.get(SetupConstants.CONFIG_VAR_DIRECTORY_ADMIN_SERVER_PORT);
setupCmd[4] = (String) map.get(SetupConstants.CONFIG_VAR_ROOT_SUFFIX);
setupCmd[6] = (String) map.get(SetupConstants.CONFIG_VAR_DS_MGR_DN);
setupCmd[8] = (String) map.get(SetupConstants.CONFIG_VAR_DIRECTORY_SERVER_PORT);
setupCmd[13] = (String) map.get(SetupConstants.CONFIG_VAR_DIRECTORY_JMX_SERVER_PORT);


Then I went to SetupConstants.java to find out what attribute names are required:

/**
* Configuration Variable for directory server admin port.
*/
String CONFIG_VAR_DIRECTORY_ADMIN_SERVER_PORT = "DIRECTORY_ADMIN_PORT";


/**
* Configuration Variable for directory server jmx port.
*/
String CONFIG_VAR_DIRECTORY_JMX_SERVER_PORT = "DIRECTORY_JMX_PORT";




.

No comments:

Post a Comment