Skip to main content

Configuring HTTP and HTTPS

With its default settings, Validata uses HTTP and HTTPS as follows:

  • The console discover the server using HTTP over port 9080, then connects using HTTPS over port 9081.

  • The web UI connects to the server using HTTP over port 9080. Alternatively, you may configure it to use HTTPS (see Enabling HTTPS below).

Changing the HTTP port

To change the HTTP port, on every server in the cluster, edit validata\conf\startUp.properties, set the HttpPort property value to the new port number, save the file, and restart Validata.

When the HTTP port is not 9080, tell users to use the new port.

Disabling HTTP

To disable HTTP, on every server in the cluster, edit ./validata/conf/startUp.properties, set HttpEnabled=false, and restart Validata.

Changing the HTTPS port

To change the HTTPS port, on every server in the cluster, edit validata\conf\startUp.properties, set the HttpsPort property value to the new port number, save the file, and restart Validata.

When the HTTPS port is not 9081:

  • When starting the console, include the -T <port> switch to specify the HTTPS port.

  • If the web UI is using HTTPS, tell users to use the new port.

Disabling HTTPS

To disable HTTPS (not recommended), on every server in the cluster, edit ./validata/conf/startUp.properties, set HttpsEnabled=false, and restart Validata.

When HTTPS is disabled:

  • When starting the console, include the -H false switch.

  • In the Forwarding Agent's agent.conf configuration file, set HttpsEnabled=False, set validata.node.servernode.address to the IP address of the server, and restart the agent.

Enabling HTTPS

To support HTTPS for the web UI, Validata needs an SSL certificate. Validata ships with a self-signed certificate and is configured to use it, or you may set up your own certificate as follows.

  1. If you do not have .key and .crt files, generate them as described in Creating a Self-Signed Certificate With OpenSSL.

  2. If you do not have a .pkcs12 file, generate one using OpenSSL (replace each myfile with the names of your files):

    openssl pkcs12 -inkey myfile.key -in myfile.crt -export -out myfile.pkcs12

  3. Use the following command to generate a keystore containing the certificate from the .pkcs12 file (replace myfile with your certificate name)::

    keytool -importkeystore -srckeystore myfile.pkcs12 -srcstoretype PKCS12 -destkeystore myfile.jks

Alternatively, see Generate Keys to create a new self-signed certificate. In some browsers, these may trigger warnings about untrusted certificates.

Once the certificate is in Validata's environment, edit startUp.properties and set HttpsKeystorePath to the path to the keystore created by keytool, for example, HttpsKeystorePath=/opt/validata/myfile.jks. Then run the following commands (in Windows, use sksConfig.bat):

validata/bin/sksConfig.sh -x <storepass value>
validata/bin/sksConfig.sh -y <keypass value>

If the value contains special characters, enclose it in single quotes, for example, validata/bin/sksConfig.sh -x '!xyz51243'.

If you did not specify a keypass, use the storepass value instead (see Generate Keys for more information).