You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.
It is advisable to enable HTTPS to encrypt communication.
This article assumes knowledge on HTTPS and certificates.
Runtime
If running the runtime, or any other service in an application server, refer to the documentation of the application server on how to enable HTTPS. For maximum security, we advise to use official certificates that ae published by an official certificate authority. It is also possible to use self signed certificates, but this may lead to extra issues.
Tomcat
See https://tomcat.apache.org/tomcat-10.1-doc/ssl-howto.html
JBoss EAP
Standalone JAR
See https://docs.spring.io/spring-boot/how-to/webserver.html#howto.webserver.configure-ssl
Self Signed Certificates
When using self signed certificates, Java may give exceptions with a message like this:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
If this occurs, you need to add the certificate authority (CA) certificate that you used to generate your certificates to <JAVA_HOME>/lib/security/cacerts
.
# keytool -import -trustcacerts -alias <myalias> -file <myCaCertificateFile> -keystore <JAVA_HOME>/lib/security/cacerts