Securing Developer Portal and OpenSearch communication

When you configure a OpenSearch database for your Developer Portal instance, you secure their communication by deploying the security certificates for both components.

Before you begin

Secure the OpenSearch instance.

About this task

To achieve two-way security between Developer Portal and OpenSearch, generate security certificates for both components, and specify the certificate details in the corresponding configuration of both components.

Procedure

  1. Generate truststore and keystore certificates for Developer Portal.
  2. Go to the DPOInstalledLocation\DeveloperPortal\configuration folder, open the dpo_wrapper.config file, add the following entry, and save the changes.
    # OpenSearch Configuration
    wrapper.java.additional.2700=-Dportal.datastore.username=OpenSearch_portal_username
    wrapper.java.additional.2701=-Dportal.datastore.password=OpenSearch_password
    wrapper.java.additional.2702=-Dportal.datastore.uris=OpenSearch_URI
    # SSL Configuration for Developer Portal Keystore and Truststore
    wrapper.java.additional.2707=-Dportal.datastore.ssl.keystore.alias=opensearch-client
    wrapper.java.additional.2708=-Dportal.datastore.ssl.keystore.filepath=Developer_portal_keystore_location
    wrapper.java.additional.2709=-Dportal.datastore.ssl.keystore.password=Developer_portal_keystore_password
    wrapper.java.additional.2710=-Dportal.datastore.ssl.truststore.filepath=Developer_portal_truststore_location
    wrapper.java.additional.2711=-Dportal.datastore.ssl.truststore.password=Developer_portal_truststore_password
    where,
    OpenSearch_username
    Username to log in to OpenSearch.
    OpenSearch_password
    Password used to log in to OpenSearch.
    OpenSearch_URI
    Web link to access OpenSearch.
    Developer_portal_keystore_location
    Location of the Developer Portal keystore file.
    Developer_portal_keystore_password
    Password to access the Developer Portal keystore file.
    Developer_portal_truststore_location
    Location of the Developer Portal truststore file.
    Developer_portal_truststore_password
    Password to access the Developer Portal truststore file.
    Note: Make sure that the truststore file includes the details of the target component certificates.
    Sample
    # OpenSearch Configuration
    wrapper.java.additional.2700=-Dportal.datastore.username=admin
    wrapper.java.additional.2701=-Dportal.datastore.password=password1
    wrapper.java.additional.2702=-Dportal.datastore.uris=https://opensearch:9200
    # SSL Configuration for OpenSearch Keystore and Truststore
    wrapper.java.additional.2707=-Dportal.datastore.ssl.keystore.alias=opensearch-client
    wrapper.java.additional.2708=-Dportal.datastore.ssl.keystore.filepath=C:/Installer/DeveloperPortal/configuration/client.p12
    wrapper.java.additional.2709=-Dportal.datastore.ssl.keystore.password=changeit
    wrapper.java.additional.2710=-Dportal.datastore.ssl.truststore.filepath=C:/Installer/DeveloperPortal/configuration/truststore.jks
    wrapper.java.additional.2711=-Dportal.datastore.ssl.truststore.password=changeit
    SSL is enabled for the communication between the Developer Portal and OpenSearch. Hence, the communication between these components must be done over the HTTPS port.