Versions Compared

Old Version 2

changes.mady.by.user Sarabjeet Kaur

Saved on

compared with

New Version Current

changes.mady.by.user DocReviewer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Applies to: (tick) Kyvos Enterprise  (tick) Kyvos Cloud (SaaS on AWS) (tick) Kyvos AWS Marketplace

...

Panel
panelIconIdatlassian-note
panelIcon:note:
bgColor#DEEBFF

Note

From Kyvos 2023.3 onwards, you can see the last performed network communication operation details, including progress status and start time, by clicking the iicon located next to the Revert button. To view more comprehensive details, simply click the View Details link, which will take you to the Operations page, where you can view the operation information in detail. 

The Network Communication page allows you to configure secured communication settings (HTTPS/TLS) for Kyvos and Kyvos Manager.

...

Note

You can also define HTTP2 configuration from the Network Communication page. Further, you can specify HTTP2 configuration for the Kyvos Web portal even if TLS is not enabled.

...

On the Network Communication page, select one of the following options and complete the parameters displayed for the selected option.

  • Select with TLS on all Kyvos Services and Kyvos Manager 

  • Secured HTTPS on Kyvos Web Portal Only 

  • HTTP

...

Parameter/Field

Comments/Description

HTTP Protocol 

Select the HTTP Protocol to use. Before enabling HTTP2, ensure that the prerequisites are completed.

TLS Protocol

Select the version for SSL/TLS protocol to be used. For multiple versions, select the corresponding checkboxes. 

TLS Certificate mode

Select the certificate mode. You can upload a file or provide the path.

Keystore

Provide the location of the keystore file. This file is used by the server when secure communication is enabled and required by the client when mutual authentication is enabled.
Example: /data/KM_SNI/Certificate/keystore.jks

Keystore Private Key

Enter the keystore password. 

Truststore 

Provide the location (path) to read the trust store file. This file is required by the client when secure communication is enabled and required by the server when mutual authentication is enabled.
Example: /data/KM_SNI/Certificate/truststore.jks

Truststore Private Key

Enter the truststore password.

Cipher Suite

Enter the encryption algorithm to be used for communication over the TLS layer.

Enable Mutual Authentication

Select to enable mutual authentication. 
NOTE: This option is displayed only if you have installed the Kyvos cluster using the war bundle. For other modes, Mutual authentication is enabled automatically.

Skip Host Name Verification 

Select Yes to skip host name verification to enable TLS communication in IP address based cluster.

NOTE: It is mandatory to skip host name verification to enable TLS communication in IP address based cluster. The property  HOSTNAME_VERIFIER  value will be updated in the "globals.properties" file.

Kyvos Web Portal Configuration

  • Use Same Certificate as TLS: Select to use the same certificate for TLS and Web portal authentication.

  • Use Different Certificate: Select to use a different certificate. In this case, you will have to upload or provide the path of the Certificate and enter the Keystore path and Keystore Private Key.

HTTP2 Configuration

APR Lib Path: Provide the absolute path for Apache Portable Runtime library. 

Custom Attributes for HTTPS over TLS connector

Here, provide the key value pairs for the following parameters:

  • Connector

  • Connector.UpgradeProtocol

  • Connector.SSLHostConfig

  • Connector.SSLHostConfig.Certificate

Custom Attributes for Mutual Authentication connector

Here, provide the key value pair for the Connector.

...