Sinequa For Azure – Managing Azure data

Posted on by

Updating Sinequa license

For this task, you will need:

  • the sinequa.license.txt file
  • a workstation with Azure PowerShell

How to do:

  1. go into the sinequa.license.txt directory and open a PowerShell
  2. set the appropriate values related to your environment:
    • Azure KeyVault: $AzureKeyVault = “<your Azure KeyVault name>”
    • Azure Service Principal (if used): $AzureServicePrincipal = “<your Azure Service Principal name>”
  3. log-in to your Azure subscription
    • if using your own credentials: Connect-AzAccount
    • if using a Service Principal: Connect-AzAccount -Identity -AccountId “${AzureServicePrincipal}”
  4. check if the connection is ok. For this, I will retrieve the actual license
    • Get-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-license” -AsPlainText
  5. configure the new license
    • reading the new sinequa.license.txt file: $RawSecret =  Get-Content “sinequa.license.txt” -Raw
    • convert license to secure string: $SecureSecret = ConvertTo-SecureString -String $RawSecret -AsPlainText -Force
    • setting the new license on KeyVault: Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-license” -SecretValue $SecureSecret

Securing Sinequa grid

For this task, you will need:

  • the all 3 certificates generated by sinequa when securing a platform:
    1. the my-ca certificate file
    2. the my-server certificate file
    3. the my-server key file
    4. a workstation with Azure PowerShell

How to do:

  1. go into the certificates directory and open a PowerShell
  2. set the appropriate values related to your environment:
    • Azure KeyVault: $AzureKeyVault = “<your Azure KeyVault name>”
    • Azure Service Principal (if used): $AzureServicePrincipal = “<your Azure Service Principal name>”
  3. log-in to your Azure subscription
    • if using your own credentials: Connect-AzAccount
    • if using a Service Principal: Connect-AzAccount -Identity -AccountId “${AzureServicePrincipal}”
  4. configure the security secrets
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-force” –value “true”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-ca-crt” –file “my-ca.crt.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-crt” –file “my-server.crt.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-server-key” –file “my-server.key.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-certificate-check” –value “RequireVerify”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-ca-crt” –file “my-ca.crt.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-crt” –file “my-server.crt.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-key” –file “my-server.key.txt”
    • Set-AzKeyVaultSecret -VaultName “${AzureKeyVault}” -Name “sinequa-ssl-client-override-host-name” –value “autossl”
  5. Restart your grid. During the start, you should be able to see, in logs :
    • [2024-07-11 15:50:31.005][50][info][Srpc.Server] Sinequa server listening on [::]:10301(ssl) ( cq = 10 * 1 , th = 10 , ma = 10 )

If you are using remote nodes, you will may have to modify the sinequa.xml file to add your certificates manually.

Please follow and like us:
fb-share-icon
Tweet
fb-share-icon

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.