Unable to setup SSL for Nexus


#1

Hi,

Unable to setup SSL for nexus-3.3.2-02, found nexus-default.properties and /sonartype/nexus3/etc/nexus.properties.
Would like to know where to update the application ssl port=10001 because i see all lines are commented in /sonartype/nexus3/etc/nexus.properties but not in nexus-default.properties.

I googled for ssl setup by updating application-port-ssl=8443 in both /sonartype/nexus3/etc/nexus.properties and nexus-default.properties
Next step created jks file in /nexus-3.3.2-02/etc/ssl and have updated /nexus-3.3.2-02/etc/jetty/jetty-https.xml to the keystore path absolute path

Final step added the jetty-https.xml in nexus-default.properties as below
nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml,${jetty.etc}/jetty-https.xml

Then did a restart of nexus but unable to access the nexus on HTTP and HTTPS port.After revert the above changes able to access nexus on HTTP port

Need help


#2

See here:

https://help.sonatype.com/display/NXRM3/Configuring+SSL#ConfiguringSSL-ServingSSLDirectly

Also, I would strongly recommend upgrading this instance… 3.3.2 is very old. The current version is 3.16.2.


#3

Thanks for reply Rich Seddon,

But here i found there are no directories inside the <nexus_install>/sonatype-work/nexus3/etc except logback directory and nexus.properties file
where as found logback,fabric,jetty,karaf, ssl directories and nexus-default.properties file inside <nexus_install>/nexus-3.3.2-02/etc.
As per given link to update nexus.properties
Please suggest which file to use either nexus.properties file from sonatype-work/nexus3/etc or nexus-default.properties file inside <nexus_install>/nexus-3.3.2-02/etc
Also noticed the lines are commented in nexus.properties but not same in nexus-default.properties as shown below

Jetty section

application-port=xxxx

application-host=0.0.0.0

nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml

nexus-context-path=/

Nexus section

nexus-edition=nexus-pro-edition

nexus-features=\

nexus-pro-feature

please help what to update in nexus.properties file.


#4

Hi,

Can anyone help me to reply on this thread


#5

Hi,

Have you considered setting up a reverse-proxy, probably using nginx. You would be able to setup SSL comfortably using that.

Regards
Karan Kaushik


#6

Hi Kaushik,

We are not using reverse-proxy and when i completed all the changes mentioned in link shared in previous update but still no luck


#7

Hi

Oh that seems like a personal choice then i guess
But is there any particular reason why you aren’t opting for reverse proxy?