Configuring Database Replication for HTTPS

On the primary/master db Primis server
=======================================
- run the following commands to open port 31417
firewall-cmd --zone=viscount --add-port=31417/tcp --permanent
systemctl restart firewalld
firewall-cmd --zone=viscount --list-ports

- edit /var/opt/viscount/sds/conf/symmetric-server.properties and change https.enable to true 
  https.enable=true

- replace keystore and cacert
cd /var/opt/viscount/sds/security

keytool -keystore keystore -alias sym -genkey -keyalg RSA -validity 3650 -storetype jceks
(first and last name = hostname)

keytool -keystore keystore -export -alias sym -rfc -file sym.cer -storetype jceks

keytool -keystore cacerts -import -alias sym -file sym.cer

- restart the sds replication
systemctl restart sds

On all the secondary db Primis servers
=======================================
- login to the Primis Web app, goto System->Utilites->DB Replication
- detach the node from the database replication

On the primary/master db Primis server
========================================
- login to the Primis Web app, goto System->Utilites->DB Replication
- delete all the secondary nodes
- delete the master node
- recreate the master node and select HTTPS with port 31417

On all the secondary db Primis servers
=======================================
- login to the Primis Web app, goto System->Utilites->DB Replication
- recreate the database replication using the new Sync URL (using https)
Configuring Database Replication for HTTPS

Related content
