Configure TLS/SSL in Talend Administration Center
Procedure
-
Create a keystore containing a self-signed certificate using the command:
keytool -genkey -keyalg RSA -alias tac-tomcat -keystore tac-tomcat-keystore.jks -storepass tacadmin -validity 3600 -keysize 2048
-
Open the following file:
<TAC_HOME>\apache-tomcat\conf\server.xml
-
Configure Apache Tomcat to use this keystore by adding the following lines:
<!-- Define an SSL Coyote HTTP/1.1 Connector on port 8443 -->
<!-- certificateKeystoreFile must point to the keystore file created in the first step -->
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="150" SSLEnabled="true"
           maxParameterCount="1000">
    <SSLHostConfig>
        <Certificate certificateKeystoreFile="${user.home}\.keystore"
                     certificateKeystorePassword="tacadmin"
                     type="RSA" />
    </SSLHostConfig>
</Connector>
-
Comment out the non-SSL connector:
<Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" throwOnFailure="true" redirectPort="8443" />
-
Add the keystore certificate to the Apache Tomcat truststore.
# export certificate into .cert file
keytool -keystore tac-tomcat-keystore.jks -alias tac-tomcat -export -file tac-tomcat.cert
# import certificate into jks
keytool -keystore tac-tomcat-truststore.jks -alias tac-tomcat -import -file tac-tomcat.cert
This is necessary to avoid the following exception during user authentication:
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-
Open the following file:
<TAC_HOME>\apache-tomcat\bin\setenv.bat
-
Replace the line
set "JAVA_OPTS=%JAVA_OPTS% -Xmx4096m -Dfile.encoding=UTF-8"
with
set "JAVA_OPTS=%JAVA_OPTS% -Xmx4096m -Dfile.encoding=UTF-8 -Djavax.net.ssl.trustStore=%CATALINA_HOME%/conf/tac-tomcat-truststore.jks -Djavax.net.ssl.trustStorePassword=tacadmin"
-
Restart Talend Administration Center.
Check that Talend Administration Center is reachable at the following address: https://localhost:8443/org.talend.administrator.
For more information, see https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html.
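A way to check the server.xml edits before restarting, as an added example that is not part of the original page or Talend's own tooling: it lists every connector that is still active without TLS and every TLS connector whose keystore file name differs from the keystore created in the first step. The function name audit_connectors and the embedded server.xml are constructed for illustration; the expected file name assumes Tomcat should use tac-tomcat-keystore.jks.

```python
import xml.etree.ElementTree as ET

# Constructed sample: server.xml with the TLS connector added, but with the
# plaintext connector on port 8080 left active instead of commented out.
SAMPLE_SERVER_XML = r"""<Server>
  <Service name="Catalina">
    <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000" redirectPort="8443" />
    <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
               port="8443" maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="${user.home}\.keystore"
                     certificateKeystorePassword="tacadmin" type="RSA" />
      </SSLHostConfig>
    </Connector>
  </Service>
</Server>"""


def audit_connectors(xml_text, expected_keystore="tac-tomcat-keystore.jks"):
    """Return a list of (port, finding) tuples for the active connectors."""
    findings = []
    # ElementTree drops XML comments, so a commented-out connector is ignored.
    root = ET.fromstring(xml_text)
    for conn in root.iter("Connector"):
        port = conn.get("port", "?")
        if conn.get("SSLEnabled", "false").lower() != "true":
            findings.append((port, "plaintext connector still active"))
            continue
        certs = conn.findall("./SSLHostConfig/Certificate")
        if not certs:
            findings.append((port, "TLS connector has no Certificate element"))
        for cert in certs:
            path = cert.get("certificateKeystoreFile", "")
            # Compare file names only; the directory depends on the install.
            name = path.replace("\\", "/").rsplit("/", 1)[-1]
            if name != expected_keystore:
                findings.append((port, f"keystore file is {name!r}, expected {expected_keystore!r}"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {finding}")
```

An empty result means only TLS connectors are active and each one references the expected keystore file name.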