Enabling SSL for the endeca-cmd interface

You must use endeca-cmd interface global options to specify the location of the keystore and truststore files.

To enable SSL for the endeca-cmd interface:

  1. Generate a keystore and truststore.
    If you have already generated them for the Jetty application server, you can use them for the endeca-cmd interface.
  2. When issuing an endeca-cmd interface command, use the --keystore and --truststore global options.
    For information on these options, see Global options for SSL.
    You will also use the --port global option to specify the Endeca Server's SSL port and the --host global option to specify the machine name.
The following example (on a Windows machine) shows the use of the SSL global options and the SSL dialog:
C:\Oracle\Endeca\Server\7.4.0\endeca-cmd>endeca-cmd status-ds books --port 8443
--host app23.example.com --keystore c:\mykeys\keystore --truststore c:\mykeys\truststore
key store password:
trust store password:
Current State: Stopped

Data Files: C:\Oracle\Endeca\Server\7.4.0\endeca-server\data\books
WS Port: 7773
Bulk Load Port: 7774
Startup Timeout (s): 60
Shutdown Timeout (s): 60
After the command is issued, the user is asked for the keystore and truststore passwords. If an incorrect password is entered, the command fails with this error message:
Keystore was tampered with, or password was incorrect
caused by:
Password verification failed