Security Settings

Configuring HTTPS (WildFly Only)

The following section details how to enable TLS over HTTP (HTTPS).

Requirements

In order to configure HTTPS you will need a:

  • JKS or PKCS12 keystore, containing a private key for the server to use as its identity.

  • The details of the key (alias and password) and the password for the keystore.

ClosedConfiguration

  1. Move your chosen keystore into the WildFly SETTINGS directory.

  2. Uncomment and set the required TLS settings in the settings.properties file:

    #tls.keystore.filename=

    #tls.keystore.password=

    #tls.keystore.type=

    #tls.key.alias=

    #tls.key.password=

    #http.enabled=

    #https.enabled=

    #soap.service.scheme=

    #jboss.bind.address=

    TLS details

    Parameter Value
    tls.keystore.filename The name of the keystore file (including the extension) you have placed in your SETTINGS directory.
    tls.keystore.password The password for the keystore you have placed in your SETTINGS directory
    tls.keystore.type Your keystore type: PKCS12 or JKS
    tls.key.alias The unique identifier for the key you will be using.
    tls.key.password The password for the key you will use in the Keystore
    http.enabled Set to false to disable the unsecure HTTP listener
    https.enabled Set to true to enable the HTTPS listener
    soap.service.scheme The protocol for the SOAP service to listen (http or https). If enabling TLS this must be set the HTTPS.
    jboss.bind.address

    The address that 1Integrate should listen on, this should match the common name protected by your certificate.

  3. Next time 1Integrate starts, it will only listen on port 8443 over HTTPS. To change the secure port, uncomment and set the HTTPS port:

    #interface.https.port=8443

Securing Cookies (WildFly Only)

If you are managing an HTTPS enabled installation, it is recommended that you secure cookies.

ClosedTo secure cookies:

  1. Open the settings.properties file

  2. Uncomment cookie.secure=true

Hide Stack Trace Reporting

To improve security you may wish to hide the stack trace reporting to users when an error is encountered in 1Integrate.

ClosedDisable report in WildFly

To disable full stack trace reports to users, you will need to enable the hide.stacktrace=true property in the settings.properties file.

hide.stacktrace=true

ClosedDisable Report in weblogic

To disable full stack trace reports to users, within the WebLogic Server Administration Console, include the following in the Server Start Arguments for the interface:

-Dhide.stacktrace=true

Uploaded files

Uploaded files are stored in the folder pointed to by the java.io.tmp environment variable.

For security purposes, we recommend that you use the relevant operating system tool to ensure that 'execute' permissions are removed for this folder.