Cluster SSL/TLS OLAP Connection (Windows)


Before encrypting OLAP, the following components must be adjusted. Click on the links for instructions:

After encrypting OLAP, the following components must be adjusted. Click for instructions:

Jedox OLAP Server

In <Install_path>\Jedox Suite\olap\data\palo.ini, add the key “encryption optional” or “encryption required”:

Encryption optional:
All clients and functions require a HTTPS connection. Only “/server/info” will be reachable unencrypted.

Encryption required:
Same as “encryption optional”, but additionally requires Jedox Integrator to communicate on HTTPS.
If not communicating over localhost/, it will be mandatory to use “encryption required”.

Each “http” or “admin” command must use https instead of http and the HTTPS port.

  •  Add one https port: e.g. “https 7778”
  • Add the key “key-files” followed by a list of the certificate files.

    http "" 7777
    encryption optional
    https 7778
    key-files ca_bundle.pem cert_and_key.pem dh_key.pem

OLAP requires the certificate in the following format: “PEM formatted X509 certificate” (Base 64 encoded)

If the certificates need to be split, OLAP will allow this combination:

Components of a certificate:

First parameter: root certificate + ca chain

Second parameter: certificate + privatekey

Third parameter: diffie-hellman key