...
| Protocol | Secure connection | |||
|---|---|---|---|---|
| Any client (browser, KLA, K4D, custom REST API client, etc.) | ↔ | Kiuwan apache load balancer | HTTPS | Yes |
| Kiuwan apache load balancer | ↔ | Kiuwan (frontal) | HTTPS | Yes |
| Kiuwan (frontal, analyzer, scheduler, updater) | ↔ | MySQL database | mysql protocol (SSL can be optionally enabled) | Optional |
| Kiuwan (frontal, analyzer, scheduler, updater) | ↔ | Redis cluster node | RESP (REdis Serialization Protocol) - SSL | Optional (only supported when using AWS elasticache) |
| Redis cluster node | ↔ | Redis cluster node | RESP (REdis Serialization Protocol) | Optional (only supported when using AWS elasticache) |
Every time a client connects to a server using a secure protocol, it needs to make sure that the contacted server is who it claims to be. This is usually done by the server returning a certificate (signed by a Certification Authority, CA) that the client can check for authenticity.
...
In order to provide a default installation configuration that enables secure protocols on most communications channels, Kiuwan on premises comes with a set of certificates and keystores for the default configured domain (kiuwan.onpremise.local).
| Warning |
|---|
Note that the previous statement means that if you rely on the default installation configuration all your certificates will be the same as other Kiuwan customers certificates. We encourage you create your own CA for signing your own domain certificates or sending your own certificates to a trusted CA to be signed. |
Provided SSL related files
...