If you want to connect to Unimus using HTTPS with a self-signed cert, you can use these instructions.

Important note: please make sure the keystore password does not contain the # character.
# is used as a comment, so a password containing it will not be fully read from the configuration.

On Windows

Generate self-signed cert:

set JAVA_HOME=C:\Program Files\Unimus\jre17
set KEYTOOL=%JAVA_HOME%\bin\keytool

cd "C:\Program Files\Unimus"
"%KEYTOOL%" -genkey -alias unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore.p12 -validity 3650

...

-Dserver.ssl.key-store="C:\\Program Files\\Unimus\\unimus.keystore.p12"
-Dserver.ssl.keyStoreType=PKCS12
-Dserver.ssl.keyAlias=unimus
-Dserver.ssl.key-store-password="[insert password here]"

Please make sure to place each argument into its own line.

Replace '[insert password here]' with the password you used for keystore creation.
Please note the special character requirements in the "Notes and tips" section.

Restart the Unimus service, and it should be available only over HTTPS.

...

JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
KEYTOOL=$JAVA_HOME/bin/keytool
 
cd /opt/unimus
$KEYTOOL -genkey -alias unimus -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore unimus.keystore.p12 -validity 3650

...

Replace '[insert password here]' with the password you used for keystore creation.

Note: When running Unimus in Docker, add the Java parameters to your docker-compose file and persist the volume containing the keystore file to ensure the SSL certificate is retained if the container is restarted or recreated:

services:
  unimus:
    image: croc/unimus
    environment:
      - 'JAVA_OPTS=-Dserver.ssl.key-store=/opt/unimus/unimus.keystore.p12 -Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=unimus -Dserver.ssl.key-store-password=[insert password here]'
    volumes:
      - './unimus:/opt/unimus'

Restart the Unimus service (or container). After startup, Unimus will be available only over HTTPS.

Notes and tips

Important note: please be careful if the keystore password contains the # or % character.

# is used as a comment, so a password containing it will not be fully read from the configuration.
You can enclose the password in " (double quotes) if you wish to use # as a part of the password.

On Windows, % is used for variable expansion. If you are using the % character as part of your keystore password, you need to escape it using another %.
So in effect, if your keystore password is "123%", you would write it as "123%%" into the Unimus.l4j.ini file.
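
The following is an added example, not part of the original instructions or of Unimus itself. It builds the password argument according to the rules above and checks configuration lines written one argument per line for the three mistakes this page warns about. The function names are hypothetical, and it assumes a literal double quote cannot be used inside a quoted password.

```python
KEY = "-Dserver.ssl.key-store-password="

def format_password_arg(password, windows):
    """Build the password argument line following the rules in Notes and tips."""
    if '"' in password:
        # Assumption: a literal double quote cannot be carried inside the quoted value.
        raise ValueError("password contains a double quote")
    if windows:
        password = password.replace("%", "%%")  # % is escaped with another %
    return f'{KEY}"{password}"'                 # quotes keep # from starting a comment

def lint_line(line, windows):
    """Return the problems found on one configuration line."""
    problems = []
    line = line.strip()
    if line.count("-Dserver.ssl.") > 1:
        problems.append("several arguments on one line")
    if not line.startswith(KEY):
        return problems
    value = line[len(KEY):]
    quoted = len(value) >= 2 and value[0] == '"' and value[-1] == '"'
    if "#" in value and not quoted:
        problems.append("unquoted #: the rest of the password is read as a comment")
    if windows and "%" in value.replace("%%", ""):
        problems.append("single %: must be written as %%")
    return problems

def lint_config(text, windows):
    """Map 1-based line numbers to problems for every line that has any."""
    found = {}
    for number, line in enumerate(text.splitlines(), start=1):
        problems = lint_line(line, windows)
        if problems:
            found[number] = problems
    return found

# Constructed sample input; the passwords are made up for illustration.
SAMPLE = """-Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=unimus
-Dserver.ssl.key-store-password=ab#cd
-Dserver.ssl.key-store-password="123%"
-Dserver.ssl.key-store-password="123%%"
"""

if __name__ == "__main__":
    for number, problems in lint_config(SAMPLE, windows=True).items():
        print(number, "; ".join(problems))
```
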