| ... | ... | @@ -20,7 +20,7 @@ The instructions described in those guidelines are using variables that needs to |
|
|
|
- **{DOMIBUS_PORT}** : Represents the internet-accessible port that you will open for Domibus.
|
|
|
|
- **{DOMIBUS_ACCESS_POINT}** : This is the designated name for your Domibus instance. Opt for a clear and descriptive name, like _france_ap_.
|
|
|
|
|
|
|
|
## Provision the required infrastructure
|
|
|
|
## Requirement
|
|
|
|
Before executing the above steps, please make sure that you comply with the below prerequisites:
|
|
|
|
- You have provisioned a linux server running the Docker engine including docker compose. As a reference, the central POC node is running on a server with the following properties :
|
|
|
|
- 3 vCPUs
|
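Review bot: Under the `## Requirement` heading, the sentence `Before executing the above steps, ...` has no steps above it; the setup steps only start further down under `# How to setup`. Suggest "Before executing the steps below" and a plural heading, `## Requirements` or `## Prerequisites`, the latter matching the word the sentence itself uses.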
| ... | ... | @@ -30,6 +30,7 @@ Before executing the above steps, please make sure that you comply with the belo |
|
|
|
- Your server is publicly reachable from internet through a public IP
|
|
|
|
- You have access to the following [materials](https://drive.google.com/drive/folders/1MSr2KryZ6jtsm5IfdZ-UP3MX0V5Pe-e9?usp=share_link) (Pmode file template, europe_ap certificate)
|
|
|
|
|
|
|
|
# How to setup
|
|
|
|
## 1 - Docker configuration
|
|
|
|
#### A - Docker compose:
|
|
|
|
If that's the case, access to your server with SSH and then create your **`{DOMIBUS_SERVER_DIRECTORY}`** and inside create `compose.yaml` file with the following:
|
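Review bot: The new `# How to setup` heading is followed by `## 1 - Docker configuration` and then `#### A - Docker compose:`, which skips a heading level and uses a bare `1 -` where the later sections use `Step 2 -`, `Step 3 -` and so on; suggest `## Step 1 - Docker configuration` and `### A - Docker compose`. Separately, the prerequisite just above distributes the europe_ap certificate through a shared Google Drive link. Since the truststore section is where other access points' certificates get imported, publishing that certificate's fingerprint in the README would let readers verify the file before trusting it.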
| ... | ... | @@ -112,7 +113,7 @@ Stop your domibus instance by doing this following command at the same level of |
|
|
|
docker compose down
|
|
|
|
```
|
|
|
|
|
|
|
|
### Step 2 - keystore and trustore configuration
|
|
|
|
## Step 2 - keystore and trustore configuration
|
|
|
|
You should now have two JAVA keystores located in **{DOMIBUS_DOCKER_DIRECTORY}/domibus/keystores** :
|
|
|
|
- The **gateway_keystore.jks** will be used to store your own private and public keys.
|
|
|
|
- The **gateway_truststore.jks** will be used to store the public keys of the other eDelivery access points you want to exchange messages with.
|
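Review bot: The heading line touched here still spells `trustore`, while the file it refers to is `gateway_truststore.jks`; worth correcting to `truststore` in the same change. Also, this paragraph locates the keystores under `{DOMIBUS_DOCKER_DIRECTORY}` while the Docker step creates `{DOMIBUS_SERVER_DIRECTORY}`. If these are the same directory, use one variable name throughout; otherwise define both in the variables list at the top.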
| ... | ... | @@ -140,7 +141,7 @@ Import your certificat to your trustore: |
|
|
|
keytool -import -alias {DOMIBUS_ACCESS_POINT} -file {DOMIBUS_ACCESS_POINT}.cert -storetype JKS -keystore gateway_truststore.jks
|
|
|
|
```
|
|
|
|
|
|
|
|
### Step 3 - Domibus properties configuration
|
|
|
|
## Step 3 - Domibus properties configuration
|
|
|
|
In the file **{DOMIBUS_DOCKER_DIRECTORY}/domibus/domibus.properties**, find the section:
|
|
|
|
`Keystore/Truststore (Single Tenancy)`
|
|
|
|
And assign a password for the keystore you configured earlier
|
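Review bot: The instruction at `And assign a password for the keystore you configured earlier` places the keystore password in clear text in `domibus.properties`, and nothing in the visible lines tells the reader to protect that file. Suggest adding a sentence asking them to restrict read access on the file to the account that runs Domibus and to keep it out of version control, and stating that the value must match the password given to `keytool` when the keystore was created.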
| ... | ... | @@ -169,7 +170,7 @@ In the `Security` section of the file, activate the security of the following pr |
|
|
|
#domibus.auth.unsecureLoginAllowed=false
|
|
|
|
```
|
|
|
|
|
|
|
|
### Step 4 - Domibus server configuration
|
|
|
|
## Step 4 - Domibus server configuration
|
|
|
|
Inside your **{DOMIBUS_SERVER_DIRECTORY}**
|
|
|
|
Start again the server by doing the command:
|
|
|
|
```shell
|
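Review bot: The code block above the Step 4 heading ends with `#domibus.auth.unsecureLoginAllowed=false` still commented out, while the surrounding text asks the reader to activate these security properties. If the block is meant to show the resulting configuration, drop the leading `#` so that a copy-paste actually sets the property. In the Step 4 text, `Inside your **{DOMIBUS_SERVER_DIRECTORY}**` is a sentence fragment; merging it with the next line ("From inside ..., start the server again with:") would read better.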
| ... | ... | @@ -358,5 +359,5 @@ Attach the certificate you generated earlier in your keystores folder, named {DO |
|
|
|
In the menu bar, navigate to `Plugin User`. Create a new plugin user by clicking on “New”
|
|
|
|
Make sure that you save your modification.
|
|
|
|
|
|
|
|
### Step 5 - Test your connection
|
|
|
|
# Test your connection
|
|
|
|
Navigate into `Connection Monitoring` and try to send a message, if the status is green your domibus is ready to exchange messages. |
|
|
\ No newline at end of file |
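Review bot: Changing `### Step 5 - Test your connection` to `# Test your connection` drops the step number and moves this section to the top level, while Steps 2 to 4 sit at `##`. If it is still the last step of the setup, `## Step 5 - Test your connection` keeps the sequence consistent. The file also ends without a trailing newline (`\ No newline at end of file`), which is worth fixing in the same commit.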