Securing connections for Talend Identity and Access Management - 8.0

Talend Installation Guide for Linux


Procedure

  1. Open the <installation_path>/iam/apache-tomcat/conf/server.xml file.
  2. Comment out the non-SSL connector:
    <!-- <Connector port="9080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="9443" /> -->
  3. Uncomment the following lines:
    <!-- <Connector port="9443"
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    maxThreads="150"
    SSLEnabled="true"
    Scheme="https" secure="true"
    clientAuth="false"
    sslProtocol="TLS"/> -->
    
    keystoreFile="<installation_path>/certs-single/server.keystore.jks"
    keystorePass="tomcat"/>
  4. Add the following lines:
    keystoreFile="<certificate_path>/server.keystore.jks" 
    keystorePass="<certificate_password>"
    
  5. Open the <installation_path>/iam/apache-tomcat/conf/iam.properties file and change the following URLs from http to https:
    iam.url=https://${iam.host}:<port>
    tac.url=https://<host_name>:<port>/org.talend.administrator
  6. In the <installation_path>/iam/apache-tomcat/conf/iam.properties file, set the following parameters to the username and password of the user with the Security Administrator role in Talend Administration Center:
    tac.user-name=<username_security_administrator>
    tac.password=<password_security_administrator>
    Note: Whenever you change your Talend Administration Center password, replace the old password with the new one in the iam.properties file.
  7. Delete the oidc and idp folders so that Talend Identity and Access Management can recreate them on the next startup.
  8. Open the <installation_path>/iam/apache-tomcat/conf/fediz_config.xml file and change the following URL from http to https:
    <issuer>https://<iam_url:port>/idp/federation</issuer>
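
A post-change check for the procedure above, as an added example that is not part of the Talend documentation: it parses the three edited files and reports a still-active HTTP connector, a missing or default keystore setting, and any URL left on http. The function names and the sample XML are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

def audit_server_xml(xml_text):
    """Findings for server.xml; the parser drops commented-out connectors."""
    findings, tls_seen = [], False
    for c in ET.fromstring(xml_text).iter("Connector"):
        port = c.get("port")
        if c.get("SSLEnabled", "false").lower() == "true":
            tls_seen = True
            if not c.get("keystoreFile"):
                findings.append(f"port {port}: no keystoreFile set")
            if c.get("keystorePass") == "tomcat":  # default value shown in step 3
                findings.append(f"port {port}: keystorePass is still the default")
        elif not c.get("protocol", "HTTP/1.1").upper().startswith("AJP"):
            findings.append(f"port {port}: plain HTTP connector still active")
    if not tls_seen:
        findings.append('no active connector with SSLEnabled="true"')
    return findings

def audit_iam_properties(text):
    """Findings for iam.properties: both URLs from step 5 must use https."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return [f"{k} is not an https URL" for k in ("iam.url", "tac.url")
            if not props.get(k, "").startswith("https://")]

def audit_fediz(xml_text):
    """Findings for fediz_config.xml: every <issuer> must be an https URL."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        url = (el.text or "").strip()
        if el.tag.split("}")[-1] == "issuer" and not url.startswith("https://"):
            findings.append(f"issuer {url} is not https")
    return findings

# Constructed sample: server.xml before steps 2 to 4 are applied.
BEFORE = """<Server><Service name="Catalina">
  <Connector port="9080" protocol="HTTP/1.1" redirectPort="9443" />
  <!-- <Connector port="9443" SSLEnabled="true" secure="true" /> -->
</Service></Server>"""

if __name__ == "__main__":  # args: server.xml iam.properties fediz_config.xml
    audits = (audit_server_xml, audit_iam_properties, audit_fediz)
    for audit, path in zip(audits, sys.argv[1:4]):
        with open(path, encoding="utf-8") as fh:
            for finding in audit(fh.read()):
                print(f"{path}: {finding}")
```

An empty result from all three functions means the edits in steps 2 to 8 are in place; it does not confirm that the keystore itself is valid.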