Chapter 11. Configuring Smart Router for TLS support


You can configure Smart Router (KIE Server Router) for Transport Layer Security (TLS) support to allow HTTPS traffic. In addition, you can disable unsecure HTTP connections to Smart Router.

Prerequisites

Procedure

To start Smart Router, use one of the following methods:

  • To start Smart Router with TLS support and HTTPS enabled as well as allowing HTTP connections, enter the following command:

    java  -Dorg.kie.server.router.tls.keystore = <KEYSTORE_PATH>
          -Dorg.kie.server.router.tls.keystore.password = <KEYSTORE_PASSWORD>
          -Dorg.kie.server.router.tls.keystore.keyalias = <KEYSTORE_ALIAS>
          -Dorg.kie.server.router.tls.port = <HTTPS_PORT>
          -jar rhpam-7.13.5-smart-router.jar

    In this example, replace the following variables:

  • <KEYSTORE_PATH>: The path where the keystore will be stored.
  • <KEYSTORE_PASSWORD>: The keystore password.
  • <KEYSTORE_ALIAS>: The alias name used to store the certificate.
  • <HTTPS_PORT>: The HTTPS port. The default HTTPS port is 9443.
  • To start Smart Router with TLS support and HTTPS enabled and with HTTP connections disabled, enter the following command:

    java  -Dorg.kie.server.router.tls.keystore = <KEYSTORE_PATH>
          -Dorg.kie.server.router.tls.keystore.password = <KEYSTORE_PASSWORD>
          -Dorg.kie.server.router.tls.keystore.keyalias = <KEYSTORE_ALIAS>
          -Dorg.kie.server.router.tls.port = <HTTPS_PORT>
          -Dorg.kie.server.router.port=0
          -jar rhpam-7.13.5-smart-router.jar

    When the org.kie.server.router.port system property is set to 0, then the HTTP listener is not registered. If TLS is configured and the HTTP listener is not registered, then Smart Router listens only on the HTTPS port.

    Note

    If TLS is not configured and you disable HTTP by setting org.kie.server.router.port to 0, then an error occurs and Smart Router stops.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.