Configure SSL to access Collibra Console

If you want to connect to Collibra Console in a secure way with your web browser, you have to use SSL. This procedure explains how you can activate SSL access to Collibra Console.

Prerequisites

  • You have knowledge of the JSON syntax.
  • You have created a Java KeyStore according the procedure described by Oracle, for example clientkeystore.
  • You have noted the following data while creating the Java KeyStore:
    • KeyStore file name: clientkeystore in the Oracle example.
    • KeyStore alias: client in the Oracle example.
    • KeyStore password: The password that you entered after executing the command of the first step in the Oracle example.
    • KeyStore alias password: The password that you entered as last step of step 2 in the Oracle example.
  • You have stored the Java KeyStore on the node hosting Collibra Console, in the <collibra_data>/console/security folder, for example /opt/collibra_data/console/security.

Steps

  1. Open a terminal session on the node on which Collibra Console is installed.
  2. Open the file <collibra_data>/console/config/server.json for editing.
  3. Fill in the following parameters in the httpsConnector section, if the section does not exist, you have to create it manually:

    Note Add string values between double quotes.


    ParameterDescription
    port

    The port on which the HTTPS connector must bind. The value must be higher than 1024 to avoid root permissions.

    Note If you want to use the default SSL port 443, you have to use a reverse proxy.

    keyAliasThe KeyStore alias.
    keyPassThe KeyStore alias password.
    keystorePassThe KeyStore password.
    keystoreFileThe full path to the KeyStore file name, for example /opt/collibra_data/console/security/clientkeystore.
    Example  
    "httpsConnector" : {
    "port": 5404,
    "keyAlias": "your-alias",
    "keyPass": "your-password",
    "keystorePass": "your-password",
    "keystoreFile": "/opt/collibra_data/console/security/console.jks" },
}


  4. Save and close the file.
  5. Open the DGC service settings for editing:
  6. Click the General settings section.
  7. Update the Base URL parameter with httpsand the new port.
  8. Restart the environment.

What's next

Connect to your Collibra Console instance via the Base URL.

Tip To prevent regular HTTP traffic to Collibra Console, update the address parameter with the value 127.0.0.1 in <collibra_data>/console/config/server.json and restart the environment.
For more information, see the knowledge base on the Collibra Support Portal.