Merge pull request #2181 from jburel/certificates

Certificates

omero/sysadmins/unix/ciphers

@@ -0,0 +1,5 @@
+Weaker ciphers like ADH are disabled by default in new versions of OpenSSL
+and TLS versions 1.0 and 1.1 have been dropped from JDK packages.
+In order to connect to an OMERO.server using any OMERO clients
+e.g. the Java Desktop client, the OMERO.web client or the CLI and import data, 
+you need to generate self-signed certificates after installing the `omero-certificates <https://github.com/ome/omero-certificates>`_ package.

omero/sysadmins/unix/server-centos7-ice36.rst

@@ -119,6 +119,13 @@ Configure the database and the location of the data directory:
     :start-after: #end-copy-omeroscript
     :end-before: #end-step04
 
+.. include:: ciphers
+
+.. literalinclude:: walkthrough/walkthrough_centos7.sh
+    :start-after: #start-seclevel
+    :end-before: #end-seclevel
+
+See also :doc:`../client-server-ssl`.
 
 Running OMERO.server
 --------------------

omero/sysadmins/unix/server-centos8-ice36.rst

@@ -120,16 +120,14 @@ Configure the database and the location of the data directory:
     :end-before: #end-step04
 
 
-Weaker ciphers like ADH are disabled by default in OpenSSL 1.1+,
-the version installed on CentOS 8.
-This means that it is not possible to connect to an OMERO.server
-using any OMERO clients e.g. the Java Desktop client,
-the OMERO.web client or the CLI.
+.. include:: ciphers
 
 .. literalinclude:: walkthrough/walkthrough_centos8.sh
     :start-after: #start-seclevel
     :end-before: #end-seclevel
-
+
+See also :doc:`../client-server-ssl`.
+
 Running OMERO.server
 --------------------
 

omero/sysadmins/unix/server-debian10-ice36.rst

@@ -120,16 +120,14 @@ Configure the database and the location of the data directory:
     :start-after: #end-copy-omeroscript
     :end-before: #end-step04
 
-Weaker ciphers like ADH are disabled by default in OpenSSL 1.1+,
-the version installed on Debian 10.
-This means that it is not possible to connect to an OMERO.server
-using any OMERO clients e.g. the Java Desktop client,
-the OMERO.web client or the CLI. Run:
+.. include:: ciphers
 
 .. literalinclude:: walkthrough/walkthrough_debian10.sh
     :start-after: #start-seclevel
     :end-before: #end-seclevel
 
+See also :doc:`../client-server-ssl`.
+
 Running OMERO.server
 --------------------
 

omero/sysadmins/unix/server-debian9-ice36.rst

@@ -133,16 +133,14 @@ Configure the database and the location of the data directory:
     :start-after: #end-copy-omeroscript
     :end-before: #end-step04
 
-Weaker ciphers like ADH are disabled by default in OpenSSL 1.1.0,
-the version installed on Debian 9.
-This means that it is not possible to connect to an OMERO.server
-using any OMERO clients e.g. the Java Desktop client,
-the OMERO.web client or the CLI. Run:
+.. include:: ciphers
 
 .. literalinclude:: walkthrough/walkthrough_debian9.sh
     :start-after: #start-seclevel
     :end-before: #end-seclevel
 
+See also :doc:`../client-server-ssl`.
+
 Running OMERO.server
 --------------------
 

omero/sysadmins/unix/server-installation.rst

@@ -312,6 +312,9 @@ typing later, to reflect what you set :envvar:`OMERO_PREFIX` to in the
 This will also ease installation of newer versions of the server at a
 later date, by simply updating the link.
 
+.. note::
+  .. include:: ciphers
+
 .. _server_env:
 
 Environment variables

omero/sysadmins/unix/server-ubuntu1804-ice36.rst

@@ -107,6 +107,8 @@ Change the ownership of the OMERO.server directory and create a symlink:
     :start-after: #end-release-ice36
     :end-before: #end-step04-pre
 
+See also :doc:`../client-server-ssl`.
+
 Configuring OMERO.server
 ------------------------
 
@@ -125,11 +127,7 @@ Configure the database and the location of the data directory:
     :start-after: #end-copy-omeroscript
     :end-before: #end-step04
 
-Weaker ciphers like ADH are disabled by default in OpenSSL 1.1+,
-the version installed on Ubuntu 18.04.
-This means that it is not possible to connect to an OMERO.server
-using any OMERO clients e.g. the Java Desktop client,
-the OMERO.web client or the CLI. Run:
+.. include:: ciphers
 
 .. literalinclude:: walkthrough/walkthrough_ubuntu1804.sh
     :start-after: #start-seclevel

omero/sysadmins/unix/server-ubuntu2004-ice36.rst

@@ -125,17 +125,14 @@ Configure the database and the location of the data directory:
     :start-after: #end-copy-omeroscript
     :end-before: #end-step04
 
-Weaker ciphers like ADH are disabled by default in OpenSSL 1.1+,
-the version installed on Ubuntu 20.04.
-This means that it is not possible to connect to an OMERO.server
-using any OMERO clients e.g. the Java Desktop client,
-the OMERO.web client or the CLI.
-Run:
+.. include:: ciphers
 
 .. literalinclude:: walkthrough/walkthrough_ubuntu2004.sh
     :start-after: #start-seclevel
     :end-before: #end-seclevel
 
+See also :doc:`../client-server-ssl`.
+
 Running OMERO.server
 --------------------