4.2.2.3 HTTP TLS Properties
- Chooi San Chong
The mzsh keytool enable-tls command from the Enable One-way SSL On HTTP section will automatically configure the properties listed below in the Platform container. You can also manually change the value of these properties.
Do a mzsh topo open container to view the platform container.conf.
Quotes and double quotes surrounding the target path and property names are required for some properties to prevent overwriting. For further information, see Working with STR.
mz.httpd.security
This property is set to true (default value is false) to enable encryption.
Example value in container.conf:
"mz.httpd.security"=trueTo set this property manually, run this command:
$ mzsh topo set 'topo://container:<container>/val:common."mz.httpd.security"' trueExample command:
$ mzsh topo set 'topo://container:platform/val:common."mz.httpd.security"' truemz.httpd.security.keystore
This property is to set the keystore file path. If this property is not set, TLS will not be used.
Example value in container.conf:
To set this property manually, run this command:
Example command:
Note: Full Path to the keystore file is required.
mz.httpd.security.keystore.password
Use this property to set the keystore password, which is the password we entered while creating keystore.
Example value in container.conf:
To set this property manually, run this command:
Example command:
mz.httpd.security.key.password
Use this property to set the password for the key, as chosen in keytool. By default, this is the same as the keystore password. (This is the default for keytool).
Example value in container.conf:
To set this property manually, run this command:
Example command:
Restart Required
After the configuration is done all affected processes need to be restarted. Use the following command:
The section contains the following subsections: