4.0

HTTPS & TLS

Enable secure HTTPS on Lenses with TLS.

Options 

  1. Direct TLS (read below).
  2. TLS termination proxy in front.
To secure and encrypt all HTTPS connections to Lenses via TLS termination.
# Java Keystore location and passwords
lenses.ssl.keystore.location = "/path/to/keystore.pkcs12"
lenses.ssl.keystore.password = "changeit"
lenses.ssl.key.password      = "changeit"

# You can also tweak the TLS version, algorithm and ciphers
#lenses.ssl.enabled.protocols = "TLSv1.2"
#lenses.ssl.cipher.suites     = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384"
You can enforce client mutual authentication via a TLS client certificate. This will be in addition to normal user authentication.
# Provide Java Keystore location and passwords
lenses.ssl.keystore.location = "/path/to/keystore.pkcs12"
lenses.ssl.keystore.password = "changeit"
lenses.ssl.key.password      = "changeit"

# To enable client TLS auth, set a truststore, password, and
lenses.ssl.truststore.location = "/path/to/truststore.pkcs12"
lenses.ssl.truststore.password = "changeit"
lenses.ssl.client.auth = true

See configuration settings.