apologies, part of my message got snipped, before sending .... As Michael eluded too, the answer to getting a cert is different depending on what version MarkLogic you are using;
With MarkLogic 6, you would need to run some xquery (admin:cluster-get-xdqp-ssl-certificate() eg. http://docs.marklogic.com/6.0/admin:cluster-get-xdqp-ssl-certificate). You could create a custom xquery endpoint (and put under secured http webserver) for puppet to get via http. Alternately you could use xcc client (which runs xquery via XDBC server) with Java/.NET via http://developer.marklogic.com/products/xcc With MarkLogic 7 - we are now moving into much easier way (REST interfaces to management functionality) of getting such information ... eg. in MarkLogic v7 you can hit http://localhost:8001/admin/v1/server-config with the appropriate credentials and get from there. hope that is clear, J On Thu, Mar 27, 2014 at 9:40 AM, James Fuller <[email protected]>wrote: > here is a worked example that couples clusters programmatically; coupling > clusters is a 2 step process, where you supply the details of the other in > each step ... hope that is clear. > > hth, Jim Fuller > > > > ----------------------------------------------------------------------------------------------- > Step I - run from clusterA supplying clusterB details > > ----------------------------------------------------------------------------------------------- > xquery version "1.0-ml"; > > (: note - you can obtain foreign cluster id by running > admin:cluster-get-id on the foreign cluster. :) > > import module namespace admin = "http://marklogic.com/xdmp/admin"; at > "/MarkLogic/admin.xqy"; > > let $cfg := admin:get-configuration() > let $clustername := "clusterB" > let $foreignclusterid := 9774340110587344639 > let $foreignhostid := 11150713027523075995 > let $foreignhostname := "clusterB-host1" > > > let $foreigncert := > "-----BEGIN CERTIFICATE----- > MIICyzCCAbOgAwIBAgIIYqeTzwn1HpwwDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UE > AxMTOTc3NDM0MDExMDU4NzM0NDYzOTAeFw0xNDAzMjYxNzA4MjRaFw0yNDAzMjMx > NzA4MjRaMB4xHDAaBgNVBAMTEzk3NzQzNDAxMTA1ODczNDQ2MzkwggEiMA0GCSqG > SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsWfErOHAOZfbodE/hAp+SZDUBvkMLgf3c > vmy3meSYu1j+VMzAm1Q/4EZWLu7ROXZejByCoreXNGWeNqHCQRPd5mbiRrae8vmI > F5pnDsOyFH62iyNflGY7HQFWUYQSpZPOxe6ukf4G3h8F5/TBNtpqTSgcs49/JX7q > o2bdopAKW/oZabKowqwvmggBaP4EQpBpLJIbdJ1KVaPumnfYdYqLsMx62NiTrlJk > Xbk+4ID8//kayfMPikLJNXeC2x+2Us5fSySfoxOvTTTRJXm2YOJevXr8dzsjrJc4 > tnCUcw/wrabUSFxD+WwSwpTxkSx8Nd3VNulPveiZSk27cMJl1CkjAgMBAAGjDTAL > MAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAGv0K02ovtetc7ZJx23KlWW > hyXS2/vBbbYcSZ0Jb7Qwf695DxBHO9A+nca4TLBUPkyIduI6dviMKPcmjmkwDZmP > VvJmPpByotmVWDOlazYdTIXKg3CD5mmyCO18dGrMlRFxvVgOZvZdnJ+9G6jGPRHy > U1EPUbtELicQwnRbSKqF4yTfPpuaeB/m4zxnlBGB3swWxQX0FlWJpl07x0+vgxDt > Fqf7BMeCpBzA4Ss15lAYWZVNWq3Pfu/u/dr9OjYV7Zg64ap61kTZvQi4AJ7fWLFT > 8/r+bExKL8/+qJeBTgXS3vH5uDSr2blFgxChn3+hbpSOHWJllCfR2xU1t6/LUTQ= > -----END CERTIFICATE-----" > > let $foreignhost := admin:foreign-host($foreignhostid, $foreignhostname, > 7998) > let $cfg := admin:foreign-cluster-create( > $cfg, $foreignclusterid, $clustername, 10, 30, $foreigncert, fn:false(), > fn:true(), fn:true(), "ALL:!LOW:@STRENGTH", $foreignhost) > > return admin:save-configuration($cfg) > > > ----------------------------------------------------------------------------------------------- > Step II - run from clusterB supplying clusterA details > > ----------------------------------------------------------------------------------------------- > > xquery version "1.0-ml"; > > (: note - you can obtain foreign cluster id by running > admin:cluster-get-id on the foreign cluster. :) > > import module namespace admin = "http://marklogic.com/xdmp/admin"; at > "/MarkLogic/admin.xqy"; > > let $cfg := admin:get-configuration() > let $clustername := "clusterA" > let $foreignclusterid := 5873446399774340110 > let $foreignhostid := 27523075995111507130 > let $foreignhostname := "clusterA-host1" > > > let $foreigncert := > "-----BEGIN CERTIFICATE----- > tnCUcw/wrabUSFxD+WwSwpTxkSx8Nd3VNulPveiZSk27cMJl1CkjAgMBAAGjDTAL > MIICyzCCAbOgAwIBAgIIYqeTzwn1HpwwDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UE > AxMTOTc3NDM0MDExMDU4NzM0NDYzOTAeFw0xNDAzMjYxNzA4MjRaFw0yNDAzMjMx > NzA4MjRaMB4xHDAaBgNVBAMTEzk3NzQzNDAxMTA1ODczNDQ2MzkwggEiMA0GCSqG > SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsWfErOHAOZfbodE/hAp+SZDUBvkMLgf3c > vmy3meSYu1j+VMzAm1Q/4EZWLu7ROXZejByCoreXNGWeNqHCQRPd5mbiRrae8vmI > F5pnDsOyFH62iyNflGY7HQFWUYQSpZPOxe6ukf4G3h8F5/TBNtpqTSgcs49/JX7q > o2bdopAKW/oZabKowqwvmggBaP4EQpBpLJIbdJ1KVaPumnfYdYqLsMx62NiTrlJk > Xbk+4ID8//kayfMPikLJNXeC2x+2Us5fSySfoxOvTTTRJXm2YOJevXr8dzsjrJc4MAkGA > 1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAGv0K02ovtetc7ZJx23KlWW > hyXS2/vBbbYcSZ0Jb7Qwf695DxBHO9A+nca4TLBUPkyIduI6dviMKPcmjmkwDZmP > U1EPUbtELicQwnRbSKqF4yTfPpuaeB/m4zxnlBGB3swWxQX0FlWJpl07x0+vgxDt > Fqf7BMeCpBzA4Ss15lAYWZVNWq3Pfu/u/dr9OjYV7Zg64ap61kTZvQi4AJ7fWLFT > 8/r+bExKL8/+qJeBTgXS3vH5uDSr2blFgxChn3+hbpSOHWJllCfR2xU1t6/LUTQ > VvJmPpByotmVWDOlazYdTIXKg3CD5mmyCO18dGrMlRFxvVgOZvZdnJ+9G6jGPRHy= > -----END CERTIFICATE-----" > > let $foreignhost := admin:foreign-host($foreignhostid, $foreignhostname, > 7998) > let $cfg := admin:foreign-cluster-create( > $cfg, $foreignclusterid, $clustername, 10, 30, $foreigncert, fn:false(), > fn:true(), fn:true(), "ALL:!LOW:@STRENGTH", $foreignhost) > > return admin:save-configuration($cfg) > > > > > > > On Thu, Mar 27, 2014 at 1:29 AM, Marc Young <[email protected]> wrote: > >> MarkLogic-6.0-4.1, but by the looks of that page I think this is more >> reason to move to ML7 >> >> >> On Wed, Mar 26, 2014 at 7:22 PM, Michael Blakeley <[email protected]>wrote: >> >>> Which version of MarkLogic is this? Are you using the ML7 REST API for >>> joining a cluster, or building something custom? >>> >>> http://docs.marklogic.com/guide/admin-api/cluster#id_88294 >>> >>> -- Mike >>> >>> On 26 Mar 2014, at 16:53 , Marc Young <[email protected]> wrote: >>> >>> > When joining a cluster, the new node presents an ssl-certificate in >>> the HTTP requests. I'm looking at automating the cluster joining and need >>> to be able to find this ssl-certificate before the MarkLogic installs. >>> Reason being is we use Puppet, and puppet doesn't allow you to run commands >>> in the middle of a catalog run and collect output. The closest thing in >>> puppet is a 'fact' but facts are generated before a puppet run is made so >>> the ssl-certificate needs to be known before the RPM installs. >>> > _______________________________________________ >>> > General mailing list >>> > [email protected] >>> > http://developer.marklogic.com/mailman/listinfo/general >>> >>> _______________________________________________ >>> General mailing list >>> [email protected] >>> http://developer.marklogic.com/mailman/listinfo/general >>> >> >> >> _______________________________________________ >> General mailing list >> [email protected] >> http://developer.marklogic.com/mailman/listinfo/general >> >> >
_______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
