TLS is configured with properties that are typically set on the container level.
| Note |
|---|
|
Quotes and double quotes surrounding the target path and property names are required to prevent overwriting of properties. For further information, see Working with STR. |
The available properties are:
| Excerpt |
|---|
mz.httpd.security
Set the value of this to property to true (default value is false) to enable encryption.
| Code Block |
|---|
| $ mzsh topo set 'topo://container:<container>/val:common."mz.httpd.security"' true |
mz.httpd.security.keystore
Use this property to set the keystore path, which must be absolute.
| Code Block |
|---|
| $ mzsh topo set 'topo://container:<container>/val:common."mz.httpd.security.keystore"' <keystore path> |
mz.httpd.security.keystore.password
Use this property to set the password for the keystore, as selected in keytool.
| Code Block |
|---|
| $ mzsh topo set 'topo://container:<container>/val:common."mz.httpd.security.keystore.password"' \
`mzsh encryptpassword <password>` |
mz.httpd.security.key.password
Use this property to set to the password for the key, as chosen in keytool. By default this is the same as the keystore password. (This is the default for keytool).
| Code Block |
|---|
| $ mzsh topo set topo://container:<container>/val:common.mz.httpd.security.key.password \
`mzsh encryptpassword <password>` |
|
| Note |
|---|
|
After having configured the properties, this section: | Code Block |
|---|
# Http url to platform, e.g http://localhost:9000
if [ -z "${MZ_PLATFORM+x}" ]; then
MZ_PLATFORM="http://localhost:9000"
export MZ_PLATFORM |
in the $MZ_HOME/bin/mzsh file needs to be updated to state https instead of http for both the Platform and the ECs. |