Configure UI and REST to use HTTPS
The following instructions describe how to configure SWP to allow the UI and REST to use both use HTTPS for configuration.
Note, it is necessary to also have an HTTP port set for non-HTTPS and the lagom.services.swpallinone referring to it. This is because internal (ie between SWP services) still use HTTP
Step-by-step guide
The following instructions describe how to configure SWP to allow the UI and REST to use both use HTTPS for configuration.
Note, it is necessary to also have an HTTP port set for non-HTTPS and the lagom.services.swpallinone referring to it. This is because internal (ie between SWP services) still use HTTP
Instructions
Create a keystore with the certificate you’d like to use. For example:
openssl pkcs12 -export -in cert.crt -inkey cert.key -out /opt/streamweaver/conf/keystore.jks -password somepass- Locate and edit the swp.conf file
Uncomment the following lines or add them if they are not present (e.g. in an older config). Modify the values as desired.
#http.port=17456 # Choose a port for internal SWP communications
#lagom.services.swpallinone = "http://localhost:17456" # Choose same port as previous line
#
#https.port=7456 # enable listening for https (must be UI port - 1)
#play.server.https.keyStore {
# path = "/opt/streamweaver/conf/keystore.jks" # Change path to match actual installed keystore.jks
# password = "somepass"
# type = "JKS" #verify with `keytool -list -v -keystore <path-to-keystore-file>`
# engineProvider="com.streamweaver.service.ui.impl.PlaySslEngineProvider"
#}
// End SSL configuration options
The above settings would enable
- HTTPS i/f for UI & REST - this is usually what is required by clients
- HTTP internally (usually on the same host) for intra-SWP service calls. Since it is on the same host, we generally don’t need HTTPS.
Related articles
Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.