Enabling SSL for eaccmd and EAC Web services

The eaccmd and EAC Web services scripts use command-line JVM arguments to enable SSL.

Enabling SSL for eaccmd

The eaccmd script (eaccmd.bat on Windows, or eaccmd.sh on UNIX) contains two JVM arguments that tell it to use the keystore and truststore.

Because they do not affect non-SSL operation, eaccmd passes these arguments by default:

IF EXIST %ENDECA_CONF%\conf\ca.ks (
   SET TRUSTSTORE=%ENDECA_CONF%\conf\ca.ks
) ELSE (
   SET TRUSTSTORE=%EAC_ROOT%\..\workspace\conf\ca.ks
)

IF EXIST %ENDECA_CONF%\conf\eac.ks (
   SET KEYSTORE=%ENDECA_CONF%\conf\eac.ks
) ELSE (
   SET KEYSTORE=%EAC_ROOT%\..\workspace\conf\eac.ks
)
...
SET JVM_ARGS=%JVM_ARGS% -Djavax.net.ssl.trustStore=%TRUSTSTORE% 
  -Djavax.net.ssl.trustStoreType=JKS 
  -Djavax.net.ssl.trustStorePassword=eacpass
SET JVM_ARGS=%JVM_ARGS% -Djavax.net.ssl.keyStore=%KEYSTORE% 
  -Djavax.net.ssl.keyStoreType=JKS 
  -Djavax.net.ssl.keyStorePassword=eacpass

Enabling SSL for the EAC Web services

The same SET JVM_ARGS command line-arguments documented above can be used with any AXIS client.