SSL configuration in Hive

Important!

• currently, after the installation, the WebUI is available both on HTTP and HTTPS independently of each other (without redirecting). This will be fixed in the next versions.
• when you install the platform, you get self-signed certificates for HTTPS. We do not recommend using them.

You can configure SSL by one of the following methods:

1. Upload SSL certificates in the PEM format to the directory /opt/hw-bw/bssl. These files will not be overwritten when upgrading to the next version. You can also store certificates in a different directory if the default directory does not suit you. To change default directory, add the b.ssl.dir parameter to the /opt/hw-bw/config/user.ini file and indicate new path, f.e.:

   [main]
   b.ssl.dir = new_path
   

2. Configure your proxy server before installation of the Hive. For example, configure nginx, which will proxy all requests for Hive. To install your proxy server on the same virtual machine, add the following parameters to the /opt/hw-bw/config/user.ini file: b.ssl.enabled,b.deck.ip.expose and b.deck.port.expose. Additionally, you can change the following parameters: b.deck.https.ip.expose and b.deck.https.port.expose. Example:

   [main]
   b.ssl.enabled = yes
   b.deck.ip.expose = 127.0.0.0
   b.deck.port.expose = 143
   

To apply changes, run the command:

/opt/hw-bw/bin/reconfig

Note: to get more information about the listed above parameters, see the file /opt/hw-bw/config/user-template.ini on the platform.

See also

• Create connection between Hive and Apiary projects
• Hive Platform Maintenance
• Getting started: Creating Project and Project Group
• Setup Hive ports