Configuring an HTTPS connection with Talend Identity and Access Management - Cloud

Talend Cloud Hybrid Installation Guide for Linux

Version
Cloud
Language
English (United States)
EnrichDitaval
linux
Product
Talend Cloud
Module
Talend Data Preparation
Talend Data Stewardship
Talend Management Console
Content
Installation and Upgrade

Securing the connection between Talend Data Preparation and Talend Identity and Access Management requires editing their corresponding configuration files.

You will first have to configure Talend Identity and Access Management as a service in HTTPS. Then, you will enable SSL communication between Talend Data Preparation and Talend Identity and Access Management running in HTTPS.

Before you begin

  • Talend Data Preparation has been configured as a service in HTTPS. For more information, see Configuring an HTTPS connection for Talend Data Preparation.
  • You have generated a certificate for Talend Data Preparation and Talend Identity and Access Management, and added it to your Web browser truststore.
  • Make sure that you have the latest Apache Tomcat version installed.

Procedure

  1. To enable SSL to access the Talend Identity and Access Management server, add the following lines to the <TDP_installation_path>/dataprep/start.bat file if you are using Windows, or the <TDP_installation_path>/dataprep/start.sh file if your are using Linux.
    -Djavax.net.ssl.trustStore=/path/to/<trust-store.jks>
    -Djavax.net.ssl.trustStorePassword=<trust-store password>
  2. To enable SSL communication between Talend Data Preparation and Talend Identity and Access Management running in HTTPS, retrieve the Talend Identity and Access Management certificate, or its Certificate Authority, and add it to the Talend Data Preparation truststore using the following command:
    keytool -import -trustcacerts -alias <cert-alias> -file <IAM_certificate.crt> -keystore <truststore.jks>
  3. In the <Data_Preparation_Path>/config/application.properties file, add the following properties to set the truststore:
    tls.trust-store=/path/to/<truststore.jks>
    tls.trust-store-password=<trust-store_password>
    
    false to disable hostname verification
    tls.verify-hostname=true
  4. Restart the services.

Results

Your Talend Data Preparation instance running in HTTPS can now communicate with Talend Identity and Access Management, also running with a secured HTTPS connection.