Updating Sinequa license
For this task, you will need:
- the sinequa.license.txt file
- a workstation with Azure PowerShell
How to do:
- go into the sinequa.license.txt directory and open a PowerShell
- set the appropriate values related to your environment:
- Azure KeyVault: $AzureKeyVault = “<your Azure KeyVault name>”
- Azure Service Principal (if used): $AzureServicePrincipal = “<your Azure Service Principal name>”
- log-in to your Azure subscription
- if using your own credentials: Connect-AzAccount
- if using a Service Principal: Connect-AzAccount -Identity -AccountId “${AzureServicePrincipal}”
- check if the connection is ok. For this, I will retrieve the actual license
- Get-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-license” -AsPlainText
- configure the new license
- reading the new sinequa.license.txt file: $RawSecret = Get-Content “sinequa.license.txt” -Raw
- convert license to secure string: $SecureSecret = ConvertTo-SecureString -String $RawSecret -AsPlainText -Force
- setting the new license on KeyVault: Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-license” -SecretValue $SecureSecret
Securing Sinequa grid
For this task, you will need:
- the all 3 certificates generated by sinequa when securing a platform:
- the my-ca certificate file
- the my-server certificate file
- the my-server key file
- a workstation with Azure PowerShell
How to do:
- go into the certificates directory and open a PowerShell
- set the appropriate values related to your environment:
- Azure KeyVault: $AzureKeyVault = “<your Azure KeyVault name>”
- Azure Service Principal (if used): $AzureServicePrincipal = “<your Azure Service Principal name>”
- log-in to your Azure subscription
- if using your own credentials: Connect-AzAccount
- if using a Service Principal: Connect-AzAccount -Identity -AccountId “${AzureServicePrincipal}”
- configure the security secrets
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-force” –value “true”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-ca-crt” –file “my-ca.crt.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-crt” –file “my-server.crt.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-key” –file “my-server.key.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-certificate-check” –value “RequireVerify”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-ca-crt” –file “my-ca.crt.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-crt” –file “my-server.crt.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-key” –file “my-server.key.txt”
- Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-override-host-name” –value “autossl”
- Restart your grid. During the start, you should be able to see, in logs :
- [2024-07-11 15:50:31.005][50][info][Srpc.Server] Sinequa server listening on [::]:10301(ssl) ( cq = 10 * 1 , th = 10 , ma = 10 )
If you are using remote nodes, you will may have to modify the sinequa.xml file to add your certificates manually.
Please follow and like us:
