Apache Solr(LUCENE) ----- Search Engine

 Solr is an open-source search platform which is used to build search

applications
 It is a search storage engine
 It searches in the doc and retrieve back the info from it
 Lucene is a powerful java search library that lets you easily
add search or information retrieval to applications

How to enable SSL

1.first run these command through java bin

keytool -genkeypair -alias solr-ssl -keyalg RSA -keysize 2048 -keypass

secret -storepass secret -validity 9999 -keystore solr-ssl.keystore.jks -
ext SAN=DNS:localhost,IP:192.168.1.3,IP:127.0.0.1 -dname "CN=localhost,
OU=Organizational Unit, O=Organization, L=Location, ST=State, C=Country"

The above command will create a keystore file named solr-ssl.keystore.jks in the
current directory

2. Convert the Certificate and Key to PEM Format for Use with curl

curl isn’t capable of using JKS formatted keystores, so the JKS keystore needs to be
converted to PEM format, which curl understands.

First convert the JKS keystore into PKCS12 format using keytool:

keytool -importkeystore -srckeystore solr-ssl.keystore.jks -destkeystore

solr-ssl.keystore.p12 -srcstoretype jks -deststoretype pkcs12
3. The keytool application will prompt you to create a destination keystore password and for
the source keystore password, which was set when creating the keystore ("secret" in the
example shown above).

Next convert the PKCS12 format keystore, including both the certificate and the key, into
PEM format using the openssl command:

openssl pkcs12 -in solr-ssl.keystore.p12 -out solr-ssl.pem

If you want to use curl on OS X Yosemite (10.10), you’ll need to create a certificate-only
version of the PEM format, as follows:

openssl pkcs12 -nokeys -in solr-ssl.keystore.p12 -out solr-ssl.cacert.pem

4. Set Common SSL-Related System Properties

The Solr Control Script is already setup to pass SSL-related Java system properties to the
JVM. To activate the SSL settings, uncomment and update the set of properties beginning
with SOLR_SSL_* in bin/solr.in.sh. (or bin\solr.in.cmd on Windows).

bin/solr.in.sh example SOLR_SSL_* configuration

# Enables HTTPS. It is implictly true if you set SOLR_SSL_KEY_STORE. Use
this config
# to enable https module with custom jetty configuration.
SOLR_SSL_ENABLED=true
# Uncomment to set SSL-related system properties
# Be sure to update the paths to the correct keystore for your environment
SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_KEY_STORE_PASSWORD=secret
SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.jks
SOLR_SSL_TRUST_STORE_PASSWORD=secret
# Require clients to authenticate
SOLR_SSL_NEED_CLIENT_AUTH=false
# Enable clients to authenticate (but not require)
SOLR_SSL_WANT_CLIENT_AUTH=false
# SSL Certificates contain host/ip "peer name" information that is
validated by default. Setting
# this to false can be useful to disable these checks when re-using a
certificate on many hosts
SOLR_SSL_CHECK_PEER_NAME=true
# Override Key/Trust Store types if necessary
SOLR_SSL_KEY_STORE_TYPE=JKS
SOLR_SSL_TRUST_STORE_TYPE=JKS

NOTE:

Client Authentication Settings

Enable either SOLR_SSL_NEED_CLIENT_AUTH or

SOLR_SSL_WANT_CLIENT_AUTH but not both at the same time. They are mutually
exclusive and Jetty will select one of them which may not be what you expect.

5.Now start the solr