Configuring TLS encryption for Management Console

To enable TLS encryption on connections to Management Console, you might need to configure the tls.properties file.

About this task

You might need to create a trust store as described in Creating a private keystore and a trust store for encryption.

Procedure

  1. Locate the TLS encryption properties file.

    For Management Console, the tls.properties file is located in the installation folder. The Windows file path is drive:\Program Files (x86)\IBM\InfoSphere Data Replication\Management Console\tls.properties.

  2. Uncomment and update the properties that are required for your TLS encryption configuration:
    For example:
    #################################################
    # This first section is for configuring both Access Server and clients.  
    
    # Backslashes must be escaped with an extra backslash.
    #trustStorePath=C:\\path\\to\\trust.jks
    #trustStorePath=/path/to/trust.jks
    #trustStorePassword=password
    #trustStoreType=JKS
    
    #################################################
    # This second section is for configuring Access Server, included embedded Access Server.
    
    # Backslashes must be escaped with an extra backslash.
    #privateKeyStorePath=C:\\path\\to\\privatekey.jks
    #privateKeyStorePath=/path/to/privatekey.jks
    #privateKeyStorePassword=password
    #privateKeyStoreType=JKS
    
    #enableTLS=true

    Where:

    • trustStorePath - The path to the trust store that contains the trusted root certificates. Backslashes must be escaped with an extra backslash.
    • trustStorePassword - The password that is required to unlock the trust store
    • trustStoreType - The type of trust store: JKS or PKCS12
    • privateKeyStorePath - The path to the private key store that contains the private key and public certificate chain. Backslashes must be escaped with an extra backslash. This property is only applicable to embedded Access Server.
    • privateKeyStorePassword - The password that is required to unlock the private key store. This property is only applicable to embedded Access Server.
    • privateKeyStoreType - The type of private key store: JKS or PKCS12. This property is only applicable to embedded Access Server.
    • enableTLS - Specify whether to enable TLS (true or false). This property is only applicable to embedded Access Server.