Outbound Secured Communication¶
Overview¶
IFS Cloud might need to communicate securely over HTTPS to an external host.
In the Remote deployment option it is possible to upload certificates to individual pods that is required to trust additional certificates. By default Java trust the most common CA's Certs, but in some non production test scenarios it might be required to trust a self-signed certificate.
Example config in ifscloud-values.yaml to add a self-signed cert to the odata pod:
ifsappodata:
certificates:
myselfsignedcert: |
-----BEGIN CERTIFICATE-----
MIIDHzCCAgegAwIBAgIEftVfNjANBgkqhkiG9w0BAQsFADAqMSgwJgYDVQQDEx9k
c2UxazhzMTEzLmNvcnBuZXQuaWZzd29ybGQuY29tMB4XDTIyMDIyMzExMTg1MFoX
DTIzMDIyMzExMTg1MFowKjEoMCYGA1UEAxMfZHNlMWs4czExMy5jb3JwbmV0Lmlm
FVFfHsi/D1ARI7ECAwEAAaNNMEswHQYDVR0OBBYEFByAyujgR/6pywhkNsy2o/KU
3C4oMCoGA1UdEQQjMCGCH2RzZTFrOHMxMTMuY29ycG5ldC5pZnN3b3JsZC5jb20w
DQYJKoZIhvcNAQELBQADggEBABsRdIZ3+TSgCbI2tupJsv1FRWV3pMg3pdIGo7Ia
FyJKCqEj4rV/q7MW2a4JQJF8ykXixZ4YTLwi67VFMSfd2D516r1Xx2k617B+01dg
GRwQDY3H2NWh1QjBoyIOJKklLd/fEPzm+UU/JH8K/yBQdVZBaxw4KjU0xyqQFTd0
jhsIc1pqf2aVEsejwyNLhs9DnZyvzRBNsyvuVm//0gWV4OPDAa/i0BULgHnjJF2y
2M8H0QgLNafuaVxL2K6jArHg5JB1Qgkd7jxvmylwQhelfV86MmO9cy7f3gIRcX52
lU+UKetAgt4koD5opvDOzWtToavXGALzFjMxMN9iyGEfFf8=
-----END CERTIFICATE-----
alternately:
ifsappodata:
certificates:
myselfsignedcert: C:\remote\ifsroot\config\certs\myselfsignedcert.crt
NOTE:
Normally a connect integration will use certificates uploaded to the connect address. upload ssl certificate to connect address