Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Setting up SSL on Adobe Experience Manager 6.3/6.4

1.023 Aufrufe

Veröffentlicht am

A walk-through on how to set up SSL on Adobe Experience Manager versions 6.3 and better.

Full walkthrough + code here: http://www.jetteroheller.com/implementing-ssl-on-aem/

Veröffentlicht in: Technologie
  • The fourth installment of this blog series draws a comparison between Adobe Audience Manager (AAM) and Salesforce Audience Studio (Krux) in terms of features, usability, and vision. This will help you identify the right DMP for your business. http://bit.ly/2ubs8Jo
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Adobe Experience platform was one of the biggest announced made by Adobe at their Adobe Summit event. Adobe delivered by revealing the details behind their long awaited Experience Platform (AEP). http://bit.ly/2YcVQr4
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier

Setting up SSL on Adobe Experience Manager 6.3/6.4

  1. 1. Setting up SSL on Adobe Experience Manager 6.3+ Tad Reeves Adobe Certified AEM Dev/Ops Engineer
  2. 2. AEM Doesn’t Usually SSL ● By default, server-to-server comms on AEM is plaintext HTTP (TCP 4503/4502) ● Usually OK, as AEM <-> AEM is all backend ● But this means Author user logins as well as all replication events send user & password in the clear. ● Up through AEM 6.2, SSL setup was a pain
  3. 3. SSL on AEM 6.3+ is Way Better ● AEM 6.0 -> 6.2 stored SSL certificates in an on-disk Java Keystore (JKS) and required laborious configuration on every server. ● AEM 6.3 and 6.4 have a new setup wizard which dramatically simplifies setup and is easier to automate. ● Adobe now recommends SSL as an immediate first configuration step.
  4. 4. Setting up SSL on AEM 6.4 ● Generate self-signed SSL certificates (requires openssl) ### Create Private Key $ openssl genrsa -aes256 -out localhostprivate.key 4096 ### Generate Certificate Signing Request using private key $ openssl req -sha256 -new -key localhostprivate.key -out localhost.csr -subj '/CN=localhost' ### Generate the SSL certificate and sign with the private key, will expire one year from now $ openssl x509 -req -days 365 -in localhost.csr -signkey localhostprivate.key -out localhost.crt ### Convert Private Key to DER format - SSL wizard requires key to be in DER format $ openssl pkcs8 -topk8 -inform PEM -outform DER -in localhostprivate.key -out localhostprivate.der -nocrypt
  5. 5. Setting up SSL on AEM 6.4 ● Create a keystore and truststore password for AEM, and save this in a secure location Note: The keystore and truststore are stored within the repository in AEM, and contain certificates used to encrypt outbound comms and decrypt inbound SSL connections.
  6. 6. Setting up SSL on AEM 6.4 ● Now upload the certificates that you have created to the next page of the wizard. ● The .der file you generated is the “key” ● The .crt file you generated is the “certificate”
  7. 7. Now Restart it. Because AEM. ● At this point, AEM will internally start up with SSL and does not REQUIRE a restart. But to be doubly sure that no connections are hanging out on any old ports, it’s a safe bet to restart AEM first before any hard usage.
  8. 8. You’re Finished! SSL is now installed on your Author instance. Further steps are documented on: http://www.jetteroheller.com/implementing- ssl-on-aem/ Things to remember: ● Switch your replication agents to SSL once your publishers are up on SSL ● This doesn’t cover putting SSL on the dispatcher tier, which is a separate process entirely, documented on the link above.
  9. 9. Thanks! If you have any other questions, feel free to hit me up on LinkedIn, or on my blog. https://www.linkedin.com/in/thaddeusreeves/