/
Enabling Transport Layer Security

Enabling Transport Layer Security

The Intellicus portal supports TLS communication between the Report Engine and Web Client components. This feature mitigates risks associated with unsecured transmission.

Administrators need to perform a one-time configuration to enable TLS communication for both the Report Engine and the Web Client.

Note
Please stop the Report Server and the Web Client before enabling/ disabling TLS mode to ensure a smooth transition.

TLS Configurations for Report Engine

To enable TLS for Report Engine, perform the following steps.

  1. Access the file ReportEngine_Default.properties located at –
    ../Intellicus <installation folder>/reportengine/config

  2. Copy the following properties:
    SERVER_ENCRYPTED_WITH_TLS=
    SERVER_ENCYPTION_TLS_PROTOCOL=
    SERVER_ENCYPTION_KEY_STORE=
    SERVER_ENCYPTION_KEY_STORE_PASSWORD=

    Note
    The above mentioned properties must be copied as is. The input values are detailed in point 4.

  3. Paste these properties in the file ReportEngine.properties located at –
    ../Intellicus <installation folder>/reportengine/config

    Note
    If the ReportEngine.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  4. Enter the details as:

Property/Field

Description

Property/Field

Description

SERVER_ENCRYPTED_WITH_TLS

Set to True to start the Intellicus Server in TLS mode.

SERVER_ENCRYPTION_TLS_PROTOCOL

Enter the desired TLS protocol version. Supported values: TLSv1.2, TLSv1.3.

SERVER_ENCRYPTION_KEY_STORE

Provide the full path to the .p12 (PKCS12) certificate file used for TLS communication.

SERVER_ENCRYPTION_KEY_STORE_PASSWORD

Enter the password for the certificate file specified in SERVER_ENCRYPTION_KEY_STORE.

Note

  • Only TLSv1.2 and TLSv1.3 protocols are currently supported.

  • The certificate in .p12 format must be acquired by the system administrator from a trusted certificate authority (CA).

  1. Save the configurations.

Following is a sample of the TLS Report Engine configurations.

TLS Configurations for Web Client

To enable TLS for Web Client, perform the following steps.

  1. Access the file ReportClient_Default.properties located at –
    ../Intellicus <installation folder>/jakarta/webapps/intellicus/client/config/

  2. Copy the following properties:
    CLIENT_ENCRYPTED_WITH_TLS=
    CLIENT_ENCYPTION_TLS_PROTOCOL=
    TRUST_STORE_PATH=

  3. Paste these properties in the file ReportClient.properties located at –
    ../Intellicus <installation folder>/jakarta/webapps/intellicus/client/
    Note
    If the ReportClient.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  4. Enter the details as:

Property/Field

Description

Property/Field

Description

CLIENT_ENCRYPTED_WITH_TLS

Set to True to enable TLS mode for the client.

CLIENT_ENCRYPTION_TLS_PROTOCOL

Enter the TLS protocol version to be used. Supported values: TLSv1.2, TLSv1.3.

TRUST_STORE_PATH

Provide the full path to the trusted certificate file(s) in .cer format required for TLS communication.

Note

  • Only TLSv1.2 and TLSv1.3 protocols are currently supported.

  • The certificate(s) must be acquired by the system administrator from a trusted certificate authority (CA).

  1. Save the configurations.

Following is a sample of the TLS Web Client configurations.

 

Copyright Intellicus Technologies Pvt. Ltd. All rights reserved.