The Kyvos Reporting portal supports TLS communication between the Report Engine and Web Client components, which mitigates risks associated with unsecured transmission.
Administrators perform a one-time configuration to enable TLS communication for the Report Engine and the Web Client.
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
Note To ensure a smooth transition, you must stop the Report Server and Web Client before enabling or disabling TLS mode. |
TLS configurations for Report Engine
To enable TLS for the Report Engine, perform the following steps.
Access the file ReportEngine_Default.properties located at: ../KyvosReporting <installation folder>/reportengine/config
Copy the following properties:
SERVER_ENCRYPTED_WITH_TLS=
SERVER_ENCRYPTION_TLS_PROTOCOL=
SERVER_ENCRYPTION_KEY_STORE=
SERVER_ENCRYPTION_KEY_STORE_PASSWORD=
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
Note The above-mentioned properties must be copied as is. The input values are detailed in point 4. |
Paste these properties in the file ReportEngine.properties located at: ../KyvosReporting <installation folder>/reportengine/config
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
Note If the ReportEngine.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above. |
Enter the details as:
Property / Field | Comments / Description |
|---|---|
SERVER_ENCRYPTED_WITH_TLS | To start the server in the TLS mode, enter True. |
SERVER_ENCRYPTION_TLS_PROTOCOL | To configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed. Note: Currently, the above-mentioned protocols are supported in Kyvos Reporting. |
SERVER_ENCRYPTION_KEY_STORE | To configure the .p12 (PKCS12) file system path required in TLS communication, enter the link to the security certificate in the .p12 file format. Note: This certificate must be acquired by the administrator from a third party security certification vendor. |
SERVER_ENCRYPTION_KEY_STORE_PASSWORD | To configure the password of the file added in the ‘SERVER_ENCRYPTION_KEY_STORE’ property, enter the required password. |
Save the configurations.
Following is a TLS Report Engine configurations sample.
TLS configurations for Web Client
To enable TLS for Web Client, perform the following steps.
Access the file ReportClient_Default.properties located at: ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/config/
Copy the following properties:
CLIENT_ENCRYPTED_WITH_TLS=
CLIENT_ENCRYPTION_TLS_PROTOCOL=
TRUST_STORE_PATH=
Paste these properties in the file ReportClient.properties located at: ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/
Note
If the ReportClient.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.
Enter the details as:
Property/ FieldComments/ Description
Note: Currently, the above-mentioned protocols are supported in Kyvos Reporting.
TRUST_STORE_PATHTo configure the path of the security certificates required in TLS communication, enter the link of the security certificates in the .cer file format.
Note: The certificate(s) must be acquired by the administrator from a third-party security certification vendor.
Property / Field | Comments / Description |
|---|---|
CLIENT_ENCRYPTED_WITH_TLS | To start the client in TLS mode, enter True to enable the property. |
CLIENT_ENCRYPTION_TLS_PROTOCOL | To configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed. Note: Currently, the above-mentioned protocols are supported in Kyvos Reporting. |
TRUST_STORE_PATH | To configure the path of the security certificates required in TLS communication, enter the link of the security certificates in the .cer file format. Note: The certificate(s) must be acquired by the administrator from a third-party security certification vendor. |
Save the configurations.
Following is a sample of the TLS Web Client configurations.
