Configuring TLS

Enable secure connections for data transfers and user access with either the Transport Layer Security (TLS) protocol or the Secure Socket Layer (SSL) protocol, which ensures access authenticity and securely protects your data.

TLS/SSL is supported between the following services:

  • The supported web browser and the Workload XM UI.
  • Telemetry Publisher and the Workload XM API.
  • The Workload XM UI and the Workload XM API.
  • The Workload XM Servers and Impala.

Configure the TLS properties based on the edge connection that you want to encrypt.

The following tables list the property settings for enabling TLS/SSL encrypted communication between the Workload XM system components:
  • The supported web browser connected to the Workload XM UI.
  • The Console Server and other REST Clients connected to the Admin API Server, the API Server, and the Databus API Server.
  • The Pipeline Server, the Analytic Database Server, the Entities Server, the Databus Server, and a SDX Server connected to Impala Server.
Table 1. TLS/SSL parameters for a secure connection between your browser and the Workload XM UI
Component Property Value
Console Server TLS/SSL Server Private Key File (PEM) ssl.privatekey.path
Console Server TLS/SSL Server Certificate File (PEM) ssl.cert.path
Console Server TLS/SSL Private Key Password ssl.privatekey.password
Console Server Enable TLS/SSL ssl.enabled
Table 2. TLS/SSL parameters for a secure connection between the Console Server and other REST clients and the Admin API Server, the API Server, and the Databus API Server
Component Property Value
Console Server TLS/SSL Certificate Trust Store File ssl.cacert.path
Admin API Server TLS/SSL Certificate Trust Store File ssl.trustStore.path
Admin API Server

API Server

Databus API Server

Enable TLS/SSL ssl.enabled
Admin API Server

API Server

Databus API Server

TLS/SSL Server JKS Keystore File Location ssl.keyStore.path
Admin API Server

API Server

Databus API Server

TLS/SSL Server JKS Keystore File Password ssl.keyStore.password
Admin API Server

API Server

Databus API Server

TLS/SSL Server JKS Keystore Key Password ssl.keyManager.password
Table 3. TLS/SSL parameters for a secure connection between the Pipeline Server and several other servers to the Impala Server
Component Property Value
Pipelines Server

Analytic Database Server

Entities Server

Databus Server

SDX Server
TLS/SSL Client Trust Store File ssl.trustStore.path
Pipelines Server

Analytic Database Server

Entities Server

Databus Server

SDX Server
TLS/SSL Client Trust Store Password ssl.trustStore.password