Allowing HTTPS connections - Cloud

Talend Remote Engine User Guide for Windows

EnrichVersion
Cloud
EnrichProdName
Talend Cloud
EnrichPlatform
Talend Remote Engine
task
Design and Development
Installation and Upgrade
The Studio generates a microservice artifact jar file that contains a properties file. To allow HTTPS connections, you must create your own application.properties file, edit it and configure the Data Service Runner to deploy it.

Procedure

  1. Before creating a custom properties file, create and configure the keystore:
    1. Go to Java installation directory/etc/bin.
    2. From the bin directory, execute the following command:
      keytool -genkeypair -alias dsrunner -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore dsrunner.p12 -validity 3650
    3. In the First name and Last name fields, enter the host name. As the host name may be used as a validation field for the HTTPS connection, it is recommended to enter it.
    4. When you do not want to modify a field, press Return.
    5. Import the certificate in the Java Run Environment keystore by executing the following command lines:
      • keytool -export -keystore dsrunner.p12 -alias dsrunner -file dsrunner.crt
      • keytool -importcert -file dsrunner.crt -alias dsrunner -keystore %JAVA_HOME%/lib/security/cacerts
    The keystore is created and configured.
  2. Create a custom application.properties file.
  3. Save it in a directory that the Talend Remote Engine can access.
  4. Rename it.
    You have two application.properties files for microservices: the original one and the one you have just created.
  5. In the custom properties file, define the following command lines:
    security.require-ssl=true
    server.ssl.key-store=path_to_keystore
    server.ssl.key-store-type=keystore_type
    server.ssl.key-store-password=keystore_password
    server.ssl.key-store-alias=key_alias
    For example:
    security.require-ssl=true
    server.ssl.key-store=D:/dsrunner.p12
    server.ssl.key-store-type=PKCS12
    server.ssl.key-store-password=Password_1234
    server.ssl.key-alias=dsrunner
    The microservice will only allow HTTPS connections that have the three following parameters:
    • PKCS12 for the keystore type,
    • Password_1234 for the password and
    • dsrunner for the key alias.