4.3.3 HTTP Standard Setup
The encryption requires an existing keystore file or a new keystore generated using the command Run the Create a keystore in the Platform Container. Example - Creating a keystore Change the url schema for the platform container. Run the Enable the TLS protocol over HTTP. Note! The alias must match the alias configured in the Container Properties, see 2.6.2 Container Properties. Example Change the url schema for the platform container. Note! If a trusted certificate has been configured, a FQDN (Fully Qualified Domain Name) must be configured for the URL matching the FQDN of the certificate subject. Restart the system including all Desktops.mzsh keytool generate
. For further information about using keytool
, see the JDK product documentation.Setting Up with a New Keystore File
mzsh keytool generate
command to create a new certificate and keystore file. The certificate generated by the command will have the alias: Platform.$ mzsh keytool generate -k <keystore file> --enable-tls http
$ mzsh keytool generate -k $MZ_HOME/keys/container.keys --enable-tls http
$ mzsh topo env --update-mz-platform https://<ip/hostname>:<port>
Setting Up with an Existing Keystore File
mzsh keytool
command with the enable-tls option when an existing keystore already exists in the installation.$ mzsh keytool enable-tls http -k <keystore file> -a <alias>
$ mzsh topo env --update-mz-platform https://<ip/hostname>:<port>