Configuring an HTTPS connection for Talend Data Preparation

Talend Data Management Platform Installation Guide for Linux

EnrichVersion
6.2
EnrichProdName
Talend Data Management Platform
task
Installation and Upgrade

Configuring an HTTPS connection for Talend Data Preparation

To set up an HTTPS secure connection between the different services, as well as with the MongoDB server, make the following changes to the application.properties file:

  1. Open the <Data_Preparation_Path>/config/application.properties file.

  2. Add the following lines to the application.properties file:

    Table 28. 

    FieldDescription
    # server TLS setup
    tls.key-store=/path/to/key-store.jks
    tls.key-store-password=key-store_password
    Defines the path and password of the certificate for the Data Preparation server.
    tls.trust-store=/path/to/trust-store.jks
    tls.trust-store-password=trust-store_password
    Defines the path and password of the signing Certificate Authority (CA) that issued the server certificate.
    # false to disable hostname verification
    tls.verify-hostname=false
    
    Makes the security control more flexible regarding the certificate common name and its URL.
    mongodb.ssl=true
    mongodb.ssl.trust-store=/path/to/trus-store.jks
    mongodb.ssl.trust-store-password=trust-store-password
    
    Defines the path and password of the signing Certificate Authority (CA) that issued the MongoDB server certificate.

    Note

    Talend Data Preparation only supports the Java Key Store (.jks) format to store keys and certificates.

  3. Change the services URLs in the application.properties file from http to https:

    dataset.service.url=https://${public.ip}:${server.port}
    transformation.service.url=https://${public.ip}:${server.port}
    preparation.service.url=https://${public.ip}:${server.port}
    

Configuring Talend Data Preparation when Talend Administration Center is in HTTPS

For Talend Data Preparation to be able to connect to a Talend Administration Center instance running in https, Talend Data Preparation must trust the Talend Administration Center's certificate.

  1. Retrieve Talend Administration Center certificate, or its Certificate Authority and add it to an existing or new .jks file following this example:

    keytool -import -trustcacerts -alias <cert-alias> -file <tac_certificate.crt> -keystore <truststore.jks>

  2. In the <Data_Preparation_Path>/config/application.properties file, add the following properties to set the truststore:

    tls.trust-store=/path/to/<truststore.jks>
    tls.trust-store-password=<trust-store_password>
    
    false to disable hostname verification
    tls.verify-hostname=false
    
  3. Restart Talend Data Preparation.

Using the tDataprepRun component with an HTTPS connection

In order to make the tDataprepRun component work when running Talend Data Preparation with an https connection, complete the following configuration:

  1. Retrieve Talend Data Preparation certificate, or its Certificate Authority and add it to an existing or new .jks file following this example:

    keytool -import -trustcacerts -alias <cert-alias> -file <dp_certificate.crt> -keystore <truststore.jks>

  2. To make the Studio trust the Talend Data Preparation certificate, edit the .ini file used to start the Studio:

    -Djavax.net.ssl.trustStore=/path/to/<trust-store.jks>
    -Djavax.net.ssl.trustStorePassword=<trust-store password>
  3. When designing your Job in the Studio, connect a tSetKeystore component to the data input component with an OnSubjobOk link in order for the Job to trust the Talend Data Preparation certificate. For more information on how to configure the tSetKeystore, see https://help.talend.com/display/TalendComponentsReferenceGuide62EN/tSetKeystore.

For more information on how to use the tDataprepRun component, see https://help.talend.com/display/KB/Operationalize+a+recipe+in+a+Talend+Job.

Creating a live dataset with an HTTPS connection

To create a working live dataset when running Talend Data Preparation with an https connection, complete the following configuration:

  1. Retrieve Talend Data Preparation certificate, or its Certificate Authority and add it to an existing or new .jks file following this example:

    keytool -import -trustcacerts -alias <cert-alias> -file <dp_certificate.crt> -keystore <truststore.jks>

  2. When designing your Job in the Studio, connect a tSetKeystore component to the data input component with an OnSubjobOk link in order for the Job to trust the Talend Data Preparation certificate. For more information on how to configure the tSetKeystore, see https://help.talend.com/display/TalendComponentsReferenceGuide62EN/tSetKeystore.

For more information on how to create a live dataset, see https://help.talend.com/display/KB/Creating+a+dataset+based+on+an+on-demand+Job+execution