SSL Configuration

Learn how to secure your installation of Nuix RESTful Service by enabling SSL.

  2 minute read  

To ensure that all communications within Nuix RESTful Service are protected, Secure Sockets Layer (SSL) should be enabled before using the application in a production environment.

Before You Begin

It is recommended that SSL be implemented with a valid certificate obtained from a trusted Certificate Authority (CA).

To enable SSL, Nuix RESTful Service requires:

  • A PKCS12 (Recommended) or JKS keystore
  • A PEM or DER based certificate

Generating a Self-Signed Certificate

Certificates being used in a production environment should be obtained and signed by a trusted Certificate Authority (CA). In some circumstances, however, it may be necessary to generate a self-signed certificate for testing purposes.

To generate a self-signed PKCS12 based keystore for use with Nuix RESTful Service:

  1. From a command prompt, navigate to the Java installation directory used by Nuix RESTful Service:

    • Windows: C:\Program Files\Common Files\i4j_jres\11.0.3\bin
    • Linux: $JAVA_HOME/bin

  2. Run the following command to generate the keystore.

    keytool -genkeypair -alias nuixrest -keyalg RSA -keysize 4096 -storetype PKCS12 -keystore nuixrest.p12 -validity 3650 -storepass changeit -keypass changeit

  3. Proceed to Enabling SSL to complete the configuration.

Importing a PEM Certificate to a PKCS12 Keystore

To import the PEM-based key and a trusted CA-provided certificate to the PKCS12 keystore:

  1. From a command prompt with elevated privileges, enter the following command:

    openssl pkcs12 -export -out nuixrest.p12 -inkey privkey.pem -in cert.pem -name nuixrest

  2. Proceed to Enabling SSL to complete the configuration.

Enabling SSL

To enable SSL for the Nuix RESTful Service:

  1. Navigate to the following location within the Nuix RESTful Service installation directory.
    • Windows default: C:\Program Files\Nuix\Nuix RESTful Service\settings
    • Linux default: /opt/nuix-restful-service/settings
  2. Using a text editor, open application.properties.
  3. Update the values of the following existing properties to provide the details of your keystore and enable SSL: 
    server.port=8443
server.ssl.key-store=/path/to/generated/keystore/nuixrest.p12
server.ssl.key-store-password=changeit
server.ssl.key-store-type=PKCS12
server.ssl.key-alias=nuixrest
server.ssl.key-password=changeit
server.ssl.enabled-protocols=TLSv1.2
  4. Save the file and exit.
  5. Restart Nuix RESTful Service for the changes to take effect.

After restarting, Nuix RESTful Service will be accessible at the following URL: https://127.0.0.1:8443/nuix-restful-service/svc/docs