...
Initially Non-SSL sites A and B are running.
- Stop accepting client connections in non-SSL site A (clients connect to non-SSL site B)
- Stop non-SSL site A once all queues are drained
- Stop receivers in non-SSL site B
- Pause senders in non-SSL site B
- Do puts in non-SSL site B (events are queued)
- Start SSL site A
- Start non-SSL proxy in site A
- Resume senders in non-SSL site B (site B will connect to the non-SSL proxy in site A, and its queues will drain)
- Stop non-SSL site B once all queues are drained
- Stop non-SSL proxy in site A
- Start SSL site B
...
In step 9, queues may never drain as long as clients are connected to site B.
Example
The attached example ssl-proxy-clean_09-12-2016.tgz example encapsulates the above steps.
...
Make sure that ANT_HOME/bin and JAVA_HOME/bin are also on the PATH.
Set the following GemFire properties in the config/gemfire-security.properties file to appropriate values:
gateway-ssl-keystore
gateway-ssl-keystore-password
gateway-ssl-truststore
gateway-ssl-truststore-password
Start Locators
Start locators in both sites using the startlocators.sh script like:
...
At this point, both sites will be up and communicating with each other using SSL sockets.
Run ln Client Loader
Run the ln client loader using the ln-client-load task like:
...