Before encrypting OLAP, the following components must be adjusted. Click on the links for instructions:
After encrypting OLAP, the following components must be adjusted. Click for instructions:
Jedox OLAP Server
In <Install_path>\Jedox Suite\olap\data\palo.ini, add the key “encryption optional” or “encryption required”:
Encryption optional:
All clients and functions require a HTTPS connection. Only “/server/info” will be reachable unencrypted.
Encryption required:
Same as “encryption optional”, but additionally requires Jedox Integrator to communicate on HTTPS.
If not communicating over localhost/127.0.0.1, it will be mandatory to use “encryption required”.
Each “http” or “admin” command must use https instead of http and the HTTPS port.
- Add one https port: e.g. “https 7778”
- Add the key “key-files” followed by a list of the certificate files.
http "" 7777
....
encryption optional
https 7778
key-files ca_bundle.pem cert_and_key.pem dh_key.pem
OLAP requires the certificate in the following format: “PEM formatted X509 certificate” (Base 64 encoded)
If the certificates need to be split, OLAP will allow this combination:
Components of a certificate:
First parameter: root certificate + ca chain
Second parameter: certificate + privatekey
Third parameter: diffie-hellman key