DESCARGA DE ARCHIVOS
Descargamos los paquetes que nos servirán en la instalación.
- alfresco-community-4.2.c.zip ( http://wiki.alfresco.com/wiki/Community_file_list_4.2.c )
- jdk-7u17-linux-x64.rpm ( http://www.oracle.com/technetwork/es/java/javase/downloads/index.html )
[user@host ~] # yum install tomcat6 [user@host ~] # vim /etc/sysconfig/tomcat6 # Agregar al final del archivo JAVA_OPTS= "$JAVA_OPTS -Xms512m -Xmx512m -XX:MaxPermSize=256m" |
[user@host ~] # chmod u+x jdk-7u17-linux-x64.rpm [user@host ~] # yum localinstall jdk-7u17-linux-x64.rpm [user@host ~] # /usr/sbin/alternatives --install /usr/bin/java java /usr/java/jdk1.7.0_17/bin/java 17000 \ > --slave /usr/lib/jvm/jre jre /usr/java/jdk1 .7.0_17 /jre \ > --slave /usr/lib/jvm-exports/jre jre_exports /usr/java/jdk1 .7.0_17 /jre \ > --slave /usr/bin/keytool keytool /usr/java/jdk1 .7.0_17 /bin/keytool \ > --slave /usr/bin/rmiregistry rmiregistry /usr/java/jdk1 .7.0_17 /bin/rmiregistry \ > --slave /usr/bin/javaws javaws /usr/java/jdk1 .7.0_17 /bin/javaws [user@host ~] # /usr/sbin/alternatives --install /usr/bin/javac javac /usr/java/jdk1.7.0_17/bin/javac 1700 \ > --slave /usr/lib/jvm/java java_sdk /usr/java/jdk1 .7.0_17 \ > --slave /usr/lib/jvm-exports/java java_sdk_exports /usr/java/jdk1 .7.0_17/ \ > --slave /usr/bin/javadoc javadoc /usr/java/jdk1 .7.0_17 /bin/javadoc \ > --slave /usr/bin/javah javah /usr/java/jdk1 .7.0_17 /bin/javah \ > --slave /usr/bin/jar jar /usr/java/jdk1 .7.0_17 /bin/jar \ > --slave /usr/bin/jarsigner jarsigner /usr/java/jdk1 .7.0_17 /bin/jarsigner \ > --slave /usr/bin/rmic rmic /usr/java/jdk1 .7.0_17 /bin/rmic [user@host ~] # alternatives --config java Hay 2 programas que proporcionan 'java' . Selección Comando ----------------------------------------------- *+ 1 /usr/java/jdk1 .6.0_43 /bin/java 2 /usr/java/jdk1 .7.0_17 /bin/java Presione Intro para mantener la selección actual[+], o escriba el número de la selección: 2 [user@host ~] # alternatives --config javac Hay 2 programas que proporcionan 'javac' . Selección Comando ----------------------------------------------- *+ 1 /usr/java/jdk1 .6.0_43 /bin/javac 2 /usr/java/jdk1 .7.0_17 /bin/javac Presione Intro para mantener la selección actual[+], o escriba el número de la selección: 2 |
INSTALACION DE SERVICIOS DEPENDIENTES
[user@host ~] #
yum install libreoffice-base libreoffice-calc libreoffice-core
libreoffice-draw libreoffice-graphicfilter libreoffice-impress
libreoffice-math libreoffice-writer libreoffice-xsltfilter
libreoffice-headless xml-commons-apis mysql-connector-java ImageMagick
t1lib [user@host ~] # yum install swftools --enablerepo rpmforge |
CONFIGURACION DE ALFRESCO
[user@host ~] #~]# mkdir alfresco [user@host alfresco] # cd alfresco [user@host alfresco] # mv alfresco-community-4.2.c.zip alfresco/ [user@host alfresco] # unzip alfresco-community-4.2.c.zip [user@host alfresco] # cp web-server/webapps/* /var/lib/tomcat6/webapps/ [user@host alfresco] # cp -r web-server/shared /var/lib/tomcat6/ [user@host alfresco] # cp -r web-server/endorsed/ /var/lib/tomcat6/ [user@host alfresco] # chown :tomcat -R /var/lib/tomcat6/ [user@host alfresco] # chmod 775 -R /var/lib/tomcat6/ [user@host ~] #vim /etc/tomcat6/catalina.properties # Agregar al final del archivo shared.loader= /usr/share/java/mysql-connector-java .jar,${catalina.base} /shared/classes ,${catalina.base} /shared/lib/ *.jar |
- Iniciamos y detenemos el servicio para que generar los archivos de configuración del servicio
[user@host ~] # service tomcat6 start Starting tomcat6: [ OK ] [user@host ~] # service tomcat6 status tomcat6 (pid 2613) is running... [ OK ] [user@host ~] # service tomcat6 stop Stopping tomcat6: [ OK ] |
- Creamos el archivo de configuración del webservice alfresco desde la plantilla
[user@host ~] # cd /var/lib/tomcat6/shared/classes/ [user@host classes] # cp alfresco-global.properties.sample alfresco-global.properties [user@host classes] # chmod 600 alfresco-global.properties [user@host classes] # chown tomcat:tomcat alfresco-global.properties |
- Creamos el directorio de repositorio de alfresco
[user@host classes] # mkdir /var/lib/alf_data [user@host classes] # chown tomcat:tomcat /var/lib/alf_data [user@host classes] # chmod 700 /var/lib/alf_data |
- Configuramos el servicio alfresco
[user@host classes] # vim alfresco-global.properties # # Sample custom content and index data location # dir .root= /var/lib/alf_data dir .keystore= /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/keystore # # Sample database connection properties # db.username=MiUsuario db.password=MiPassword # # MySQL connection # Tome en CUENTA la URL de conexion apunta a LOCALHOST, db.driver=com.mysql.jdbc.Driver db.url=jdbc:mysql: //localhost :3306 /alfresco ?useUnicode= yes &characterEncoding=UTF-8 # Libreoffice service ooo.exe= /usr/bin/soffice ooo.enabled= true jodconverter.officeHome= /usr/bin/libreoffice jodconverter.portNumbers=8101 jodconverter.enabled= true # Utilidades del sistema img.dyn= /usr/lib64/ImageMagick-6 .5.4 img.exe= /usr/bin/convert swf.exe= /usr/bin/pdf2swf # Outbound SMTP mail.host=mail.midominio.com.mx mail.port=465 mail.username=mi_usuario mail.password=MiPassword mail.encoding=UTF-8 mail.from.default=noreply@midominio.com.mx mail.from.enabled= true mail.protocol=smtps mail.smtp.auth= false mail.smtp.debug= false mail.smtp.timeout=5000 mail.smtp.starttls. enable = false mail.smtps.auth= true mail.smtps.starttls. enable = true # authentication.chain=alfrescoNtlm1:alfrescoNtlm # # # URL Generation Parameters # alfresco.context=alfresco alfresco.host=alfresco.midominio.com alfresco.port=8080 alfresco.protocol=http # share.context=share share.host=share.midominio.com share.port=8080 share.protocol=http [user@host ~] # vim /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/log4j.properties log4j.appender.File.File= /var/log/tomcat6/alfresco .log [user@host ~] # vim /var/lib/tomcat6/webapps/share/WEB-INF/classes/log4j.properties log4j.appender.File.File= /var/log/tomcat6/share .log [user@host ~] # vim /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers.properties # Por defecto estas variables estan en TRUE cabialas a FALSE si no usaras los |
servicios que se listan cifs.enabled= false ftp .enabled= false |
VALIDACION DEL CERTIFICADO DE MAIL - SSL CA java
Aplica este caso solo si tu servidor de correo usa un CA (certificado de autoridad) no valido y que tu conexión lo haras por SMTPS SSL. Cuando tu certificado de CA la has expedido de manera personal y no por una institución (VerySing ejemplo) es necesario agregar tu CA a los repositorios de tu maquina virtual de java, de lo contrario no podrás hacer una conexión SSL a tu servidor de correos.
- Descargando SSLPoke que nos permitira hacer una prueba de conexion SSL con Java
[user@host ~] # wget -O SSLPoke.class http://confluence.atlassian.com/download/attachments/180292346/SSLPoke.class?version=1&modificationDate=1236556489366 |
- Ejecutando para probar la conexion SSL con java
[user@host ~] # java SSLPoke mail.midominio.com.mx 465 sun.security.validator.ValidatorException:
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:136) at SSLPoke.main(SSLPoke.java:31) Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) |
Este error sale porque no se pudo realizar la conexion debido a un CA Invalido o no encontrado en el repositorio
- Configurar InstallCert y para validar el CA del servidor
[user@host ~] # wget -O InstallCert.java http://confluence.atlassian.com/download/attachments/180292346/InstallCert.java?version=1&modificationDate=1315453596921 [user@host ~] # chmod ug+x InstallCert.java [user@host ~] # javac InstallCert.java [user@host ~] # java InstallCert mail.midominio.com.mx:465 |
- Copiando el certificado CA
[user@host ~] # cp jssecacerts /usr/java/jdk1.7.0_17/jre/lib/security/ |
- Volvemos a intentar conectarnos por SSL y probar el certificado
[user@host ~] # java SSLPoke mail.midominio.com.mx 465 Successfully connected |
CONFIGURACION DE IPTABLES FIREWALL
[user@host ~] # vim /etc/sysconfig/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT [user@host ~] # service iptables restart |
CONFIGURACION DE HOST NAME
[user@host ~] # cat /etc/hosts 127.0.0.1
localhost localhost.localdomain localhost4 localhost4.localdomain4
alfresco alfresco.midominio.com share.midominio.com ::1
localhost localhost.localdomain localhost6 localhost6.localdomain6
alfresco alfresco.midominio.com share.midominio.com 10.0.0.XX alfresco alfresco.midominio.com share.midominio.com |
PROXY HTTP
Configuraremos un proxy para re-dirección con apache para no tener que acceder al servicio por el puerto 8080 y este
sea mas ameno el link a los lusers
[user@host ~] # yum install httpd [user@host ~] # chkconfig httpd on [user@host ~] # vim /etc/httpd/conf/httpd.conf # ServerAdmin admin@midominio.com.mx ServerName alfresco.midominio.com:80 # NameVirtualHost *:80 #
ServerName share.midominio.com ProxyRequests Off RewriteEngine On Redirect / http: //share .midominio.com /share ProxyPass /share http: //share .midominio.com:8080 /share ProxyPassReverse /share http: //share .midominio.com:8080 /share ErrorLog /var/log/httpd/share .midominio.com.error.log CustomLog /var/log/httpd/share .midominio.com.access.log common < /VirtualHost > #
ServerName alfresco.red-alf.com ProxyRequests Off RewriteEngine On RewriteRule ^ /alfresco/ (.*) /$1 [PT] ProxyPass / http: //127 .0.0.1:8080 /alfresco/ ProxyPassReverse / http: //127 .0.0.1:8080 /alfresco/ ErrorLog /var/log/httpd/alfresco .midominio.com.error.log CustomLog /var/log/httpd/alfresco .midominio.com.access.log common < /VirtualHost > |
[user@host ~] # service httpd start |