Before encrypting OLAP, the following components must be adjusted. Click on the links for instructions:

• Jedox Web
• Spreadsheet Server
• Supervision Server (SVS)
• Integrator

After encrypting OLAP, the following components must be adjusted. Click for instructions:

• Excel Add-in Client
• SSL/TLS Jedox environment

Jedox OLAP Server

In <Install_path>\Jedox Suite\olap\data\palo.ini, add the key “encryption optional” or “encryption required”:

Encryption optional:
All clients and functions require a HTTPS connection. Only “/server/info” will be reachable unencrypted.

Encryption required:
Same as “encryption optional”, but additionally requires Jedox Integrator to communicate on HTTPS.
If not communicating over localhost/127.0.0.1, it will be mandatory to use “encryption required”.

Each “http” or “admin” command must use https instead of http and the HTTPS port.

•  Add one https port: e.g. “https 7778”
• Add the key “key-files” followed by a list of the certificate files.

  http "" 7777
....
encryption optional
https 7778
key-files ca_bundle.pem cert_and_key.pem dh_key.pem

OLAP requires the certificate in the following format: “PEM formatted X509 certificate” (Base 64 encoded)

If the certificates need to be split, OLAP will allow this combination:

Components of a certificate:

• root certificate
• ca chain or chain of trust
• private and public key

First parameter: root certificate + ca chain

Second parameter: certificate + privatekey

Third parameter: diffie-hellman key