SSL Configuration

Learn how to secure your installation of Nuix RESTful Service by enabling SSL.

2 minute read

To ensure that all communications within Nuix RESTful Service are protected, Secure Sockets Layer (SSL) should be enabled before using the application in a production environment.

Before You Begin

It is recommended that SSL be implemented with a valid certificate obtained from a trusted Certificate Authority (CA).

To enable SSL, Nuix RESTful Service requires:

A PKCS12 (Recommended) or JKS keystore
A PEM or DER based certificate

Generating a Self-Signed Certificate

Certificates being used in a production environment should be obtained and signed by a trusted Certificate Authority (CA). In some circumstances, however, it may be necessary to generate a self-signed certificate for testing purposes.

To generate a self-signed PKCS12 based keystore for use with Nuix RESTful Service:

From a command prompt, navigate to the Java installation directory used by Nuix RESTful Service:
- Windows: C:\Program Files\Common Files\i4j_jres\11.0.3\bin
- Linux: $JAVA_HOME/bin

Run the following command to generate the keystore.

keytool -genkeypair -alias nuixrest -keyalg RSA -keysize 4096 -storetype PKCS12 -keystore nuixrest.p12 -validity 3650 -storepass changeit -keypass changeit

Proceed to Enabling SSL to complete the configuration.

Importing a PEM Certificate to a PKCS12 Keystore

Note

You must download and install an OpenSSL Binary before completing the following steps.

To import the PEM-based key and a trusted CA-provided certificate to the PKCS12 keystore:

From a command prompt with elevated privileges, enter the following command:

openssl pkcs12 -export -out nuixrest.p12 -inkey privkey.pem -in cert.pem -name nuixrest

Proceed to Enabling SSL to complete the configuration.

Enabling SSL

Note

You must import your certificate to the keystore before completing the following steps.

To enable SSL for the Nuix RESTful Service:

Navigate to the following location within the Nuix RESTful Service installation directory.
- Windows default: C:\Program Files\Nuix\Nuix RESTful Service\settings
- Linux default: /opt/nuix-restful-service/settings
Using a text editor, open application.properties.

Update the values of the following existing properties to provide the details of your keystore and enable SSL:

server.port=8443
server.ssl.key-store=/path/to/generated/keystore/nuixrest.p12
server.ssl.key-store-password=changeit
server.ssl.key-store-type=PKCS12
server.ssl.key-alias=nuixrest
server.ssl.key-password=changeit
server.ssl.enabled-protocols=TLSv1.2

Save the file and exit.
Restart Nuix RESTful Service for the changes to take effect.

After restarting, Nuix RESTful Service will be accessible at the following URL: https://127.0.0.1:8443/nuix-restful-service/svc/docs

Note

If you used a self-signed certificate, the Nuix RESTful Service reference documentation will not be accessible using a Chrome-based browser.

Feedback

Was this page helpful?

Thank you for your feedback.