| ... | ... | @@ -17,7 +17,7 @@ Throughout this process, you will: |
|
|
|
The instructions in these guidelines use variables that must be replaced with the appropriate values in your context:
|
|
|
|
|
|
|
|
- **`{ADMIN_USER}`**: Represents the admin user of the Linux terminal on the server.
|
|
|
|
- **`{DOMIBUS_SERVER_DIRECTORY}`**: This signifies the directory on your server where Domibus will be installed.
|
|
|
|
- **`{DOMIBUS_DIRECTORY}`**: This signifies the directory on your server where Domibus will be installed.
|
|
|
|
- **`{DOMIBUS_HOST}`**: Denotes the public IP address/hostname of the server where you intend to install Domibus.
|
|
|
|
- **`{DOMIBUS_PORT}`**: Represents the internet-accessible port that you will open for Domibus.
|
|
|
|
- **`{DOMIBUS_ACCESS_POINT}`**: This is the designated name for your Domibus instance. Choose a clear and descriptive name, such as `france_ap`.
|
| ... | ... | @@ -100,7 +100,7 @@ newgrp docker |
|
|
|
:globe_with_meridians:
|
|
|
|
|
|
|
|
Access your server using SSH.
|
|
|
|
Consider creating the **`{DOMIBUS_SERVER_DIRECTORY}`** in the **`/opt/`** folder. Within this directory, establish a `compose.yaml` file containing the following content:
|
|
|
|
Consider creating the **`{DOMIBUS_DIRECTORY}`** in the **`/opt/`** folder. Within this directory, establish a `compose.yaml` file containing the following content:
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
#
|
| ... | ... | @@ -163,7 +163,7 @@ volumes: |
|
|
|
|
|
|
|
If necessary, change the **18080** port to the port you have opened to the internet. This port will be referred to as **`{DOMIBUS_PORT}`**.
|
|
|
|
|
|
|
|
Execute the following commands within the directory identified as **`{DOMIBUS_SERVER_DIRECTORY}`**
|
|
|
|
Execute the following commands within the directory identified as **`{DOMIBUS_DIRECTORY}`**
|
|
|
|
```shell
|
|
|
|
docker compose up -d
|
|
|
|
```
|
| ... | ... | @@ -184,7 +184,7 @@ http://{DOMIBUS_HOST}:{DOMIBUS_PORT}/domibus |
|
|
|
Self-signed certificates are intended for testing purposes only and should not be used in production. For production use, consider obtaining certificates from a trusted certificate provider. Additional information on certificate providers can be found [here](https://ec.europa.eu/digital-building-blocks/wikis/display/DIGITAL/PKI+Service).
|
|
|
|
|
|
|
|
### A - Generating certificate
|
|
|
|
Make sure you have the Java KeyStore/TrustStore located in **`{DOMIBUS_SERVER_DIRECTORY}/domibus/keystores`** :
|
|
|
|
Make sure you have the Java KeyStore/TrustStore located in **`{DOMIBUS_DIRECTORY}/domibus/keystores`** :
|
|
|
|
- `gateway_keystore.jks` store your private and public keys.
|
|
|
|
- `gateway_truststore.jks` store the public keys of other eDelivery Access Points for message exchange.
|
|
|
|
|
| ... | ... | @@ -232,14 +232,14 @@ This mutual exchange ensures seamless communication between your Domibus instanc |
|
|
|
You may need to use `scp` on your PC to copy your certificate file from the server to your personal computer. For example:
|
|
|
|
|
|
|
|
```shell
|
|
|
|
scp {ADMIN_USER}@{DOMIBUS_HOST}:/opt/{DOMIBUS_SERVER_DIRECTORY}/domibus/keystores/{DOMIBUS_ACCESS_POINT}.cer /path/on/your/personal/computer
|
|
|
|
scp {ADMIN_USER}@{DOMIBUS_HOST}:/opt/{DOMIBUS_DIRECTORY}/domibus/keystores/{DOMIBUS_ACCESS_POINT}.cer /path/on/your/personal/computer
|
|
|
|
```
|
|
|
|
>**Note**: We consider you created your **`{DOMIBUS_SERVER_DIRECTORY}`** inside the **`/opt/`** folder like suggested earlier. If not, please adjust the command to reflect the exact location of your **`{DOMIBUS_SERVER_DIRECTORY}`**
|
|
|
|
>**Note**: We consider you created your **`{DOMIBUS_DIRECTORY}`** inside the **`/opt/`** folder like suggested earlier. If not, please adjust the command to reflect the exact location of your **`{DOMIBUS_DIRECTORY}`**
|
|
|
|
|
|
|
|
## 3 - Domibus Properties
|
|
|
|
:globe_with_meridians:
|
|
|
|
|
|
|
|
In the file **`{DOMIBUS_SERVER_DIRECTORY}/domibus/domibus.properties`**, locate the section labeled `Keystore/Truststore (Single Tenancy)` and set the passwords you configured on the previous step:
|
|
|
|
In the file **`{DOMIBUS_DIRECTORY}/domibus/domibus.properties`**, locate the section labeled `Keystore/Truststore (Single Tenancy)` and set the passwords you configured on the previous step:
|
|
|
|
|
|
|
|
```properties
|
|
|
|
# ---------------------------------- Keystore/Truststore (Single Tenancy) -----------------------
|
| ... | ... | @@ -280,7 +280,7 @@ domibus.passwordPolicy.expiration=90 |
|
|
|
## 4 - Users Credentials
|
|
|
|
:globe_with_meridians:
|
|
|
|
|
|
|
|
Within the directory or any of its subdirectories of the **`{DOMIBUS_SERVER_DIRECTORY}`**, restart your Domibus server by doing the command:
|
|
|
|
Within the directory or any of its subdirectories of the **`{DOMIBUS_DIRECTORY}`**, restart your Domibus server by doing the command:
|
|
|
|
```shell
|
|
|
|
docker compose restart
|
|
|
|
```
|
| ... | ... | |
| ... | ... | |
