Versions Compared

Old Version 2

changes.mady.by.user Kristina B.

Saved on

compared with

New Version Current

changes.mady.by.user Kristina B.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Content layer
id1319373952
Content column
id1319373973
Content block
id1327774620

On this page:

Table of Contents

Content block
id1319373963

By default, the Authentication Server runs with HTTPS enabled, using a self-signed certificate that is created by the Teamwork Cloud installer. To change HTTPS settings please edit Authentication Server configuration file ./config/authserver.properties and change related parameters. After the Authentication Server configuration is updated, the service must be restarted. See the HTTPS/SSL parameters description in the

...

section HTTPS parameters.

...

...

Note
titleNote for Windows users

Self-signed server certificate

By default, the Authentication Server uses a self-signed certificate that is created by the Teamwork Cloud installer. This means that web browsers will warn users about an untrusted server certificate when they first access the Authentication Server. When users choose to trust the server certificate, the warning message disappears.

CA-signed server certificate

For production environments, it is highly recommended to use a certificate signed by trusted certificate authorities (CA).

...

When executing the openssl command you will be asked for a keystore password. Please read the instructions carefully and provide all required information.

To generate a keystore file

...

Create a PKCS 12 file with the OpenSSL tool.

openssl pkcs12 -export -in server.crt -inkey server.key -certfile server.crt -out keystore.p12

For changing the self-signed certificate to a CA certificate, visit Changing the SSL certificate page.

Deployment on cluster

If the Authentication Server is deployed on a cluster, all service instances should use the same keystore. When using an automatically created keystore with a self-signed certificate, just copy the keystore file from one instance to all the other ones.



Content block
id1319373951

Related pages