Allowing HTTPS connections - Cloud

Talend Remote Engine User Guide for Linux

Version
Cloud
Language
English (United States)
Product
Talend Cloud
Module
Talend Remote Engine
Content
Design and Development
Installation and Upgrade
The Studio generates a microservice artifact jar file that contains a properties file. To allow HTTPS connections, you must create your own application.properties file, edit it and configure the Data Service Runner to deploy it.

Procedure

  1. Before creating a custom properties file, create and configure the keystore:
    1. Go to Java installation directory/etc/bin.
    2. From the bin directory, execute the following command:
      keytool -genkeypair -alias dsrunner -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore dsrunner.p12 -validity 3650
    3. In the First name and Last name fields, enter the host name. As the host name may be used as a validation field for the HTTPS connection, it is recommended to enter it.
    4. When you do not want to modify a field, press Return.
    5. Import the certificate in the Java Run Environment keystore by executing the following command lines:
      • keytool -export -keystore dsrunner.p12 -alias dsrunner -file dsrunner.crt
      • keytool -importcert -file dsrunner.crt -alias dsrunner -keystore %JAVA_HOME%/lib/security/cacerts
    The keystore is created and configured.
  2. Create a custom application.properties file.
  3. Save it in a directory that the Talend Remote Engine can access.
  4. Rename it.
    You have two application.properties files for microservices: the original one and the one you have just created.
  5. In the custom properties file, define the following command lines:
    security.require-ssl=true
    server.ssl.key-store=path_to_keystore
    server.ssl.key-store-type=keystore_type
    server.ssl.key-store-password=keystore_password
    server.ssl.key-store-alias=key_alias
    For example:
    security.require-ssl=true
    server.ssl.key-store=D:/dsrunner.p12
    server.ssl.key-store-type=PKCS12
    server.ssl.key-store-password=Password_1234
    server.ssl.key-alias=dsrunner
    The microservice will only allow HTTPS connections that have the three following parameters:
    • PKCS12 for the keystore type,
    • Password_1234 for the password and
    • dsrunner for the key alias.