Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

« Previous Version 3 Next »

The Kyvos Reporting portal supports TLS communication between the Report Engine and Web Client components, which mitigates risks associated with unsecured transmission.

Administrators perform a one-time configuration to enable TLS communication for the Report Engine and the Web Client.

Note

To ensure a smooth transition, you must stop the Report Server and Web Client before enabling or disabling TLS mode.

TLS configurations for Report Engine

To enable TLS for the Report Engine, perform the following steps.

  1. Access the file ReportEngine_Default.properties located at: ../KyvosReporting <installation folder>/reportengine/config

  2. Copy the following properties:

    • SERVER_ENCRYPTED_WITH_TLS=

    • SERVER_ENCRYPTION_TLS_PROTOCOL=

    • SERVER_ENCRYPTION_KEY_STORE=

    • SERVER_ENCRYPTION_KEY_STORE_PASSWORD=

Note

The above-mentioned properties must be copied as is. The input values are detailed in point 4.

  1. Paste these properties in the file ReportEngine.properties located at: ../KyvosReporting <installation folder>/reportengine/config

Note

If the ReportEngine.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  1. Enter the details as:

    • Property/ FieldComments/ DescriptionSERVER_ENCRYPTED_WITH_TLS To start the server in the TLS mode, enter True.SERVER_ENCRYPTION_TLS_PROTOCOL To configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed.

    • SERVER_ENCRYPTION_KEY_STORETo configure the .p12 (PKCS12) file system path required in TLS communication, enter the link to the security certificate in the .p12 file format.

    • SERVER_ENCRYPTION_KEY_STORE_PASSWORDTo configure the password of the file added in the ‘SERVER_ENCRYPTION_KEY_STORE’ property, enter the required password.

Note

  • Currently, the above-mentioned protocols are supported in Kyvos Reporting.

  • This certificate must be acquired by the administrator from a third party security certification vendor.

  1. Save the configurations.

Following is a TLS Report Engine configurations sample.

TLS configurations for Web Client

To enable TLS for Web Client, perform the following steps.

  1. Access the file ReportClient_Default.properties located at –
    ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/config/

  2. Copy the following properties:
    CLIENT_ENCRYPTED_WITH_TLS=
    CLIENT_ENCRYPTION_TLS_PROTOCOL=
    TRUST_STORE_PATH=

  3. Paste these properties in the file ReportClient.properties located at –
    ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/

    Note: If the ReportClient.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  4. Enter the details as:

    • Property/ FieldComments/ DescriptionCLIENT_ENCRYPTED_WITH_TLSTo start the client in TLS mode, enter True to enable the property.CLIENT_ENCRYPTION_TLS_PROTOCOLTo configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed.

      Note: Currently, the above mentioned protocols are supported in Kyvos Reporting.

    • TRUST_STORE_PATHTo configure the path of the security certificates required in TLS communication, enter the link of the security certificates in the .cer file format.

      Note: The certificate(s) must be acquired by the administrator from a third party security certification vendor.

  5. Save the configurations.

Following is a sample of the TLS Web Client configurations.

 

  • No labels

Copyright Kyvos, Inc. All rights reserved.