Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

Version 1 Next »

The Kyvos Reporting portal supports TLS communication between the Report Engine and Web Client components, which mitigates risks associated with unsecured transmission.

Administrators perform a one-time configuration to enable TLS communication for the Report Engine and the Web Client.

Please stop the Report Server and Web Client before enabling/ disabling TLS mode to ensure a smooth transition.

TLS configurations for Report Engine

To enable TLS for the Report Engine, perform the following steps.

  1. Access the file ReportEngine_Default.properties located at –
    ../KyvosReporting <installation folder>/reportengine/config

  2. Copy the following properties:
    SERVER_ENCRYPTED_WITH_TLS=
    SERVER_ENCRYPTION_TLS_PROTOCOL=
    SERVER_ENCRYPTION_KEY_STORE=
    SERVER_ENCRYPTION_KEY_STORE_PASSWORD=

    Note: The above mentioned properties must be copied as is. The input values are detailed in point 4.

  3. Paste these properties in the file ReportEngine.properties located at –
    ../KyvosReporting <installation folder>/reportengine/config

    Note: If the ReportEngine.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  4. Enter the details as:
    Property/ FieldComments/ DescriptionSERVER_ENCRYPTED_WITH_TLS To start the server in the TLS mode, enter True.SERVER_ENCRYPTION_TLS_PROTOCOL To configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed.

    Note: Currently, the above mentioned protocols are supported in Kyvos Reporting.

    SERVER_ENCRYPTION_KEY_STORETo configure the .p12 (PKCS12) file system path required in TLS communication, enter the link to the security certificate in the .p12 file format.

    Note: This certificate must be acquired by the administrator from a third party security certification vendor.

    SERVER_ENCRYPTION_KEY_STORE_PASSWORDTo configure the password of the file added in the ‘SERVER_ENCRYPTION_KEY_STORE’ property, enter the required password.

  5. Save the configurations.

Following is a sample of the TLS Report Engine configurations.

TLS configurations for Web Client

To enable TLS for Web Client, perform the following steps.

  1. Access the file ReportClient_Default.properties located at –
    ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/config/

  2. Copy the following properties:
    CLIENT_ENCRYPTED_WITH_TLS=
    CLIENT_ENCRYPTION_TLS_PROTOCOL=
    TRUST_STORE_PATH=

  3. Paste these properties in the file ReportClient.properties located at –
    ../KyvosReporting <installation folder>/jakarta/webapps/kyvosreporting/client/

    Note: If the ReportClient.properties file does not exist in the specified path, you must create one. The name and casing must be used as specified above.

  4. Enter the details as:
    Property/ FieldComments/ DescriptionCLIENT_ENCRYPTED_WITH_TLSTo start the client in TLS mode, enter True to enable the property.CLIENT_ENCRYPTION_TLS_PROTOCOLTo configure the version of TLS protocol, enter TLSv1.2 or TLSv1.3 as needed.

    Note: Currently, the above mentioned protocols are supported in Kyvos Reporting.

    TRUST_STORE_PATHTo configure the path of the security certificates required in TLS communication, enter the link of the security certificates in the .cer file format.

    Note: The certificate(s) must be acquired by the administrator from a third party security certification vendor.

  5. Save the configurations.

Following is a sample of the TLS Web Client configurations.

 

  • No labels

Copyright Kyvos, Inc. All rights reserved.