This page describes how to configure TLS for the Lenses Agent.
By default, the Agent does not provide TLS termination but can be enabled via a configuration option. TLS termination is recommended for enhanced security and a prerequisite for integrating with SSO (Single Sign On) via SAML2.0.
TLS termination can be configured directly within Agent or by using a TLS proxy or load balancer.
Global Truststore
To use a non-default global truststore, set the path in accordingly with the LENSES_OPTS variable.
To enable mutual TLS, set your keystore accordingly.
lenses.conf
# To secure and encrypt all HTTPS connections to Lenses via TLS termination.# Java Keystore location and passwordslenses.ssl.client.auth= truelenses.ssl.keystore.location="/path/to/keystore.jks"lenses.ssl.keystore.password="changeit"lenses.ssl.key.password="changeit"# You can also tweak the TLS version, algorithm and ciphers#lenses.ssl.enabled.protocols = "TLSv1.2"#lenses.ssl.cipher.suites = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WIT