Securing connections for Talend Dictionary Service - Cloud

Talend Cloud Hybrid Installation Guide for Linux

Version
Cloud
Language
English (United States)
EnrichDitaval
linux
Product
Talend Cloud
Module
Talend Data Preparation
Talend Data Stewardship
Talend Management Console
Content
Installation and Upgrade

Procedure

  1. Open the <Tomcat>/conf/server.xml file.
  2. Comment the non-SSL part:
    <!-- <Connector port="8187" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8550" /> -->
  3. Uncomment the following lines:
    <!-- <Connector port="8550"
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    maxThreads="150"
    SSLEnabled="true"
    scheme="https"
    secure="true"
    clientAuth="false"
    sslProtocol="TLS"/> -->
    
  4. Add the following lines:
    keystoreFile="<certificate_path>/server.keystore.jks" 
    keystorePass="<certificate_password>"
    
  5. Open the <Tomcat>/conf/data-quality.properties file.
  6. To secure connections with MongoDB, edit the following lines:
    dq.mongo.ssl=true
    dq.mongo.ssl.trust-store=<path_to_truststore>
    dq.mongo.ssl.trust-store-password=<truststore_password>
  7. To secure connections with Kafka using communication encryption only, edit the following lines:
    spring.cloud.stream.kafka.binder.configuration.security.protocol=SSL
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=<path_to_truststore>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=<truststore_password>
  8. To secure connections with Kafka using authentication, edit the following lines:
    spring.cloud.stream.kafka.binder.configuration.ssl.keystore.location=<path_to_keystore>
    spring.cloud.stream.kafka.binder.configuration.ssl.keystore.password=<keystore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.key.password=<key_password>

Results

Talend Dictionary Service only supports the Java Key Store (.jks) format to store keys and certificates.

To enable HTTPS support on Tomcat, see https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html.

To enable SSL support on MongoDB, see https://docs.mongodb.com/v3.0/tutorial/configure-ssl/.

To enable SSL support on Kafka, see http://kafka.apache.org/documentation.html#security_ssl.