Initializing help system before first use

Configuring a Secure Connection

The connection between Xpress Insight 5 and MySQL should be secured by enabling an SSL connection.
To configure SSL on the connection, perform the following steps:
  1. Configure your MySQL server to support SSL.
    You can find further information on this in the MySql documentation.
  2. Edit the application.properties file.
    1. Modify the insight.server.persistence.mysql.username and insight.server.persistence.mysql.password to match the user account created in MySQL.
    2. Modify insight.server.persistence.mysql.url to either encrypt the connection using SSL, or to authenticate using a certificate:
      1. To encrypt the connection using SSL, add useSSL=true as a parameter in connection string.
      2. To point to the location of the SSL certificate (either on the file system or located in a trust store).
        • When the certificate is located on the file system then location of the file must be added to the connection string: 
          serverSslCert=path/to/server-cert.pem
          For example: 
          jdbc:mariadb://mydatabaseserver.mycorp.com:3306/insight5?useSSL=true&serverSslCert=path/to/server-cert.pem
        • When the certificate is located in a trust store then the following parameters must be added to the connection string: 
          storetrustStore=path/to/truststore&trustStorePassword=passwordOfStore
          For example: 
          jdbc:mariadb://mydatabaseserver.mycorp.com:3306/insight5?useSSL=true&storetrustStore=path/to/truststore&trustStorePassword=passwordOfStore
        Note The server name declared in the connection url must match the server name defined in the SSL certificate. If they do not match Xpress Insight will fail to startup.
      Tip When configuring a secure connection we recommend that the user you have create be altered to require SSL. For more, see the Schema User section on the Schema Creation page.
Parent Topic Configuring Insight 5 to use MySQL