Securing connections for Talend Identity and Access Management - 6.4

Talend Real-time Big Data Platform Installation Guide for Linux

Version
6.4
Language
English (United States)
Product
Talend Real-Time Big Data Platform
Module
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend Data Preparation
Talend Data Stewardship
Talend DQ Portal
Talend ESB
Talend Identity Management
Talend Installer
Talend JobServer
Talend Log Server
Talend Project Audit
Talend Repository Manager
Talend Runtime
Talend SAP RFC Server
Talend Studio
Content
Installation and Upgrade

To enable SSL support on Talend Identity and Access Management, do the following:

  1. Open the <installation_path>/iam/apache-tomcat/conf/server.xml file.

  2. Comment the non-SSL part:

    <!-- <Connector port="9080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="9443" /> -->
  3. Uncomment the following lines:

    <!-- <Connector port="9443"
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    maxThreads="150"
    SSLEnabled="true"
    Scheme="https" secure="true"
    clientAuth="false"
    sslProtocol="TLS"/> -->
    
  4. Add the following lines:

    keystoreFile="<certificate_path>/server.keystore.jks" 
    keystorePass="<certificate_password>"
    
  5. Open the <installation_path>/iam/apache-tomcat/conf/iam.properties file and change the below URLs from http to https:

    iam.url=https://${iam.host}:<port>
    tac.url=https://<host_name>:<port>/org.talend.administrator

    Note

    Whenever you change your Talend Administration Center password, make sure to replace your old password with the new one in the iam.properties file here.

  6. Delete the oidc and idp folders so that Talend Identity and Access Management can recreate them on the next startup.

  7. Open the <installation_path>/iam/apache-tomcat/conf/fediz_config.xml file and change the below URL from http to https:

    <issuer>https://<iam_url:port>/idp/federation</issuer>