Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Configuration Management System (CMS)2018.05

Use > Hardening > Enabling Secure Sockets Layer (SSL) Communication > Enable SSL Connection for an External Standalone Solr Environment

Enable SSL Connection for an External Standalone Solr Environment

Prerequisite

To use Solr standalone, make sure you have set cmdb.search.solr.standalone to true and cmdb.search.solr.standalone.url to point to your solr node, for example: https://192.168.1.2:8983/solr. For details, see How to Set Up an External Standalone Solr Environment.
Enable SSL for Solr Standalone
1. On the machine where you installed Apache Solr, go to the <Solr_Install_Dir>/server/etc directory.
2. Enter the following command to create a keystore:
```
keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass <your password> -storepass <your password> -validity 365 -keystore solr-ssl.keystore.jks -ext SAN=DNS:localhost,IP:XX.XX.XX.XX -dname "CN=XX.XX.XX.XX, OU=MicroFocus, O=MicroFocus, C=RO"
```
3. Go to the <Solr_Install_Dir>/bin directory.
4. Open solr.in.sh (on linux) or solr.in.cmd (on Windows) in a text editor.
5. Uncomment and edit the following lines so that they match your environment.
```
SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=YourPassword
SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=YourPassword
SOLR_SSL_NEED_CLIENT_AUTH=false
SOLR_SSL_WANT_CLIENT_AUTH=false
```
6. Save and close the file.
7. Restart Solr.
  
  Now you can access the browser in order to check if SSL is enabled. Go to solr admin page using https protocol.
Configure UCMDB to connect to Solr Standalone with SSL.

To configure UCMDB to connect to Solr Standalone with SSL, we need to import the certificate from solr-ssl.keystore.jks into the cacerts truststore located in <UCDMB_Server>/bin/jre/lib/security:
1. Download and install KeyStore Explorer from http://keystore-explorer.org/downloads.html.
2. Open solr-ssl.keystore.jks and export the certificate chain. Right-click solr-ssl, select Export > Export Certificate Chain from the context menu.
3. Click Browse and choose the target location where you want to export it, and then click Export.
4. Import the solr-ssl.cer into the cacerts truststore under the <UCDMB_Server>/bin/jre/lib/security folder.
5. In the KeyStore Explorer, select File > Open, then go to <UCDMB_Server>/bin/jre/lib/security and open the cacerts file. The password is changeit. After you open it you will see something like below:
6. Click Import Trusted Certificate and select the file you exported previously, solr-ssl.cer.
  
  You should see the new certificate added into the list.
7. Click Save .
  
  Now you have imported the certificate into the cacerts truststore.
8. Restart UCMDB.
  
  Now UCMDB will connect to Solr using SSL.

Note

According to Apache Solr documentation, SSL connection is not supported for Solr Cloud.
For Solr on the same machine, the connection will remain HTTP since there is no communication across the network.

Send Help Center feedback