Cluster SSL/TLS OLAP Connection

Before encrypting OLAP the following steps must be done:
After encrypting OLAP these steps are necessary:
Jedox OLAP Server

In <Install_path>/Data/palo.ini add the key “encryption optional” or “encryption required”.

encryption optional:
All clients and functions require a HTTPS connection. Only “/server/info” will be reachable unencrypted.

encryption required:
Same as “encryption optional”, but enforces additionally the Jedox Integrator to communicate on HTTPS.
If not communicating over localhost/, it will be mandatory to use “encryption required”.

Each “http” or “admin” command need to use https instead of http and the HTTPS port.
– Add one https port: e.g. “https 7778”
– Add the key “key-files” followed by a list of the certificate files.

http "" 7777
encryption optional
https 7778
key-files ca_bundle.pem cert_and_key.pem dh_key.pem

OLAP requires the certificate in the following format: “PEM formatted X509 certificate” (Base 64 encoded)

If the certificates need to be split, OLAP will allow this combination:

Components of a certificate:
root certificate
ca chain or chain of trust
private- and public-key

first parameter:
root certificate + ca chain

second parameter:
certificate + privatekey

third parameter:
diffie-hellman key

Was this post helpful?
NoYes (No Ratings Yet)