Configuring an HTTPS connection for Talend Data Preparation - Cloud

Talend Cloud Hybrid Installation Guide

Version
Cloud
Language
English
Operating system
Linux
Product
Talend Cloud
Module
Talend Data Preparation
Talend Data Stewardship
Talend Management Console
Content
Installation and Upgrade
Last publication date
2024-03-25

To set up an HTTPS secure connection between the different services, as well as with the MongoDB server, you need to edit the application.properties file.

Note that securing the MongoDB connection is not possible if you selected the embedded MongoDB instance during the installation process.

If you want to secure connections with MongoDB using SSL, MongoDB Enterprise Server has to be manually installed on your machine. For more information, refer to the supported MongoDB versions in Compatible databases.

Procedure

  1. Open the <Data_Preparation_Path>/config/application.properties file.
  2. To define the path and password of the certificate for the Data Preparation server, edit the following lines:
    # server TLS setup
    tls.key-store=/path/to/key-store.jks
    tls.key-store-password=key-store_password
  3. To define the path and password of the signing Certificate Authority (CA) that issued the server certificate, edit the following lines:
    tls.trust-store=/path/to/trust-store.jks
    tls.trust-store-password=trust-store_password
  4. To make the security control more flexible regarding the certificate common name and its URL, edit the following lines:
    # false to disable hostname verification
    tls.verify-hostname=true
  5. To define the path and password of the signing Certificate Authority (CA) that issued the MongoDB server certificate, edit the following lines:
    mongodb.ssl=true
    mongodb.ssl.trust-store=/path/to/trus-store.jks
    mongodb.ssl.trust-store-password=trust-store-password
  6. Change the services URLs from http to https:
    api.service.url=http://${public.ip}:${server.port}
    dataset.service.url=https://${public.ip}:${server.port}
    tdc.dataset.url=https://${public.ip}:${server.port}
    dataset-dispatcher.service.url=https://${public.ip}:${server.port}
    transformation.service.url=https://${public.ip}:${server.port}
    preparation.service.url=https://${public.ip}:${server.port}
    fullrun.service.url=https://${public.ip}:${server.port}
    gateway.service.url=https://${public.ip}:${server.port}
    tdc.sharing.url=http://${public.ip}:${server.port}
    tdc.rating.url=https://${public.ip}:${server.port}
    security.oidc.client.logoutSuccessUrl=https://${public.ip}:${server.port}
    gateway-api.service.url=https://${public.ip}:${server.port}
    zuul.routes.api.url=https://${public.ip}:${server.port}/api
    zuul.routes.sharingset.url=https://${public.ip}:${server.port}/sharing/v1/sharingset 
    zuul.routes.sharing.url=https://${public.ip}:${server.port}/sharing/v1/sharing 
    zuul.routes.sharings.url=https://${public.ip}:${server.port}/sharing/v1/sharings 
    zuul.routes.upload.url=https://${public.ip}:${server.port}/api
    zuul.routes.swagger1.url=https://${public.ip}:${server.port}/v2/api-docs
    spring.security.oauth2.client.registration.oidc.redirectUri=https://${public.ip}:${server.port}/signIn

Results

Talend Data Preparation only supports the Java Key Store (.jks) format to store keys and certificates.