Skip to content

Commit

Permalink
Update tls.adoc
Browse files Browse the repository at this point in the history
fix docs for enabling TLS
  • Loading branch information
ujibang authored May 21, 2024
1 parent 4b4acc4 commit 303fb9d
Showing 1 changed file with 14 additions and 3 deletions.
17 changes: 14 additions & 3 deletions docs/security/tls.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,20 @@ https-listener:
enabled: true
host: 0.0.0.0
port: 4443
keystore-file: /path/to/keystore/file
keystore-path: /path/to/keystore/file
keystore-password: secret
certpassword: secret
certificate-password: secret
----

Example:
[source,bash]
----
$ sudo vi /etc/hosts # ...and map 127.0.0.1 to restheart.local domain
$ http -d https://raw.githubusercontent.com/SoftInstigate/restheart/master/core/bin/generate-certauthority-and-keystore.sh # download the script generate-certauthority-and-keystore.sh
$ ./generate-certauthority-and-keystore.sh -d restheart.local -a /tmp -p secret # generate a test keystore and certificate authority
$ RHO='/https-listener->{ "enabled": true, "host": "restheart.local", "port": 4443, "keystore-path": "/tmp/restheart.local.jks", "keystore-password": "secret", "certificate-password": "secret" }' java -jar restheart.jar # run RESTHeart with TLS enabled
$ http -b --verify /tmp/devCA.pem https://restheart.local:4443/ping # execute a test request
Greetings from RESTHeart!
----

To enable https configure the https listener using the following options:
Expand Down Expand Up @@ -67,4 +78,4 @@ link:https://letsencrypt.org[Let's Encrypt] is a popular and nonprofit Certifica

This script generates the java keystore from Let's Encrypt certificate archive.

Download the script from link:https://raw.githubusercontent.com/SoftInstigate/restheart/master/core/bin/convert-letsencrypt-java-keystore.sh[convert-letsencrypt-java-keystore.sh]
Download the script from link:https://raw.githubusercontent.com/SoftInstigate/restheart/master/core/bin/convert-letsencrypt-java-keystore.sh[convert-letsencrypt-java-keystore.sh]

0 comments on commit 303fb9d

Please sign in to comment.