One Star

Problem with HTTPS

Hi, I've implemented a REST service through a Talend Route and I deployed it in the Talend Runtime.
How can I expose it with HTTPS?
8 REPLIES
Employee

Re: Problem with HTTPS

Hi,
Talend Runtime has a default https configuration in the etc/org.ops4j.pax.web.cfg,
org.osgi.service.http.port.secure=9001
org.osgi.service.http.secure.enabled=true
org.ops4j.pax.web.ssl.keystore=${karaf.base}/etc/keystores/keystore.jks
org.ops4j.pax.web.ssl.password=password
org.ops4j.pax.web.ssl.keypassword=password
the Service you deployed into Runtime can be accessed by both HTTP and HTTPS. you can change the port, keystore, etc .. in the configuration file.
HTH
Five Stars

Re: Problem with HTTPS

I'm not able to get Talend Runtime to support https out-of-box. I haven't changed any configurations or keys, but turned it one. Everything works well using http (rest services deployed and working), but not under https. I have even tried it using localhost.
Any ideas?
One Star

Re: Problem with HTTPS

dsietz,
you mean the runtime doesn't listen on the 9001 if you update the org.ops4j.pax.web.cfg file as xldai mentioned?
g.
Five Stars

Re: Problem with HTTPS

correct.
Is there anything I need to do? 
Example: Do I need to install the http feature - note I tried this and it still doesn't work.
Five Stars

Re: Problem with HTTPS

Strange thing is that the service works work with https when I use SOAPUI, but not in the browser (e.g.: Chrome) In Chrome I get the error message ...
This webpage is not available

ERR_CONNECTION_CLOSED
One Star

Re: Problem with HTTPS

By default self-signed cert used, some browsers reject it.
Five Stars

Re: Problem with HTTPS

In order to get it working in the browser, I had to create my own keystore and expor the cert to the browser
https://community.talend.com/t5/Migration-Configuration-and/How-to-configure-Talend-Services-to-use-...
One Star

Re: Problem with HTTPS

Indeed that's normal procedure (assumed knowledge of PKI). Often it is suggested to use a proper SSL proxy (Apache HTTP, Nginx, F5, ..) to do the SSL offloading and SSL certificate management.