1 of 1

Enable TLS on Lenses

This page describes how to configure TLS for Lenses.

TLS settings go in security.conf.

Global Truststore

To use a non-default global truststore, set the path in accordingly with the LENSES_OPTS variable.

LENSES_OPTS=-Djavax.net.ssl.trustStore=/path/to/truststore

Custom Truststore

To use a custom truststore set the following in security.conf. Supported types: jks, pkcs12.

security.conf

lenses.ssl.truststore.location = "/path/to/truststore.jks"
lenses.ssl.truststore.password = "changeit"

Mutual TLS

To enable mutual TLS, set your keystore accordingly.

security.conf

# To secure and encrypt all HTTPS connections to Lenses via TLS termination.
# Java Keystore location and passwords
lenses.ssl.client.auth = true
lenses.ssl.keystore.location = "/path/to/keystore.jks"
lenses.ssl.keystore.password = "changeit"
lenses.ssl.key.password      = "changeit"


# You can also tweak the TLS version, algorithm and ciphers
#lenses.ssl.enabled.protocols = "TLSv1.2"
#lenses.ssl.cipher.suites     = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WIT