B.7.3 TLS Properties
Run MicroTx using the HTTP or HTTPS protocol.
For secure access to MicroTx over HTTPS, create a self-signed certificate and note down the location of the certificate and private key. For information about creating an SSL certificate, see Guidelines for Generating Self-Signed Certificate and Private Key using OpenSSL in Security Guide.
If you enable TLS in the tcs-docker-swarm.yaml file, then you must import the SSL certificate into the trust store of the sample applications so that sample applications can securely access MicroTx.
Under tmmConfiguration.serveTLS, specify the details of the SSL certificate that you want to use for authorization.
Property | Description |
---|---|
enabled | Set this to true to enable TLS to ensure secure communication between participant services and MicroTx. You must provide details for the certificate and key file under certFile and keyFile properties. When you enable TLS, you can access the transaction coordinator over HTTPS. If you set this field to Caution: You must set this field to true in production environments. |
certFile | Path to the TLS certificate, in PEM format, on your local machine. |
keyFile | Path to the private key file, in PEM format, which is associated with the certificate on your local machine. |
The following code snippet provides sample values for the serveTLS field in the tcs-docker-swarm.yaml file.
```yaml
tmmConfiguration:
  serveTLS:
    enabled: true
    certFile: /users/john.doe/self-signed/tcs/certificate.pem
    keyFile: /users/john.doe/self-signed/tcs/key.pem
```
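A pre-flight check for the certFile and keyFile values before deploying, added here as an example and not part of MicroTx or its documentation. The function names `check_serve_tls` and `make_sample_pair`, the return codes and the sample subject name are assumptions; only standard `openssl` subcommands are used.

```shell
#!/bin/sh
# Added example (not MicroTx tooling): validate the certFile/keyFile pair that
# tmmConfiguration.serveTLS points at. Function names and return codes are assumptions.

# Constructed sample input: a throwaway self-signed pair written to directory $1.
make_sample_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=tcs.example.internal" \
        -keyout "$1/key.pem" -out "$1/certificate.pem" 2>/dev/null &&
    chmod 600 "$1/key.pem"
}

# Returns 0 if the pair is usable, 1 bad PEM, 2 mismatch, 3 expired, 4 key world-readable.
check_serve_tls() {
    cert=$1
    key=$2
    openssl x509 -in "$cert" -noout 2>/dev/null ||
        { echo "certFile is not a PEM certificate: $cert" >&2; return 1; }
    # -passin pass: stops openssl from prompting if the key is passphrase-protected.
    openssl pkey -in "$key" -noout -passin pass: 2>/dev/null ||
        { echo "keyFile is not an unencrypted PEM private key: $key" >&2; return 1; }
    # The public key inside the certificate must equal the one derived from the key.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey)
    key_pub=$(openssl pkey -in "$key" -pubout -passin pass:)
    [ "$cert_pub" = "$key_pub" ] ||
        { echo "keyFile does not belong to certFile" >&2; return 2; }
    # -checkend 0 fails when the certificate's notAfter date is already in the past.
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null ||
        { echo "certificate has expired" >&2; return 3; }
    # POSIX find: -perm -004 matches when the "other" read bit is set.
    [ -z "$(find -L "$key" -perm -004 -print)" ] ||
        { echo "keyFile is world-readable; restrict it (for example chmod 600)" >&2; return 4; }
    return 0
}

# Usage: sh check_serve_tls.sh /path/to/certificate.pem /path/to/key.pem
if [ "$#" -eq 2 ]; then
    check_serve_tls "$1" "$2"
fi
```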