Using HTTPS

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication.

By default the Spectrum Technology Platform server uses HTTP for communication with Spectrum Enterprise Designer, browser applications such as Spectrum Management Console and Metadata Insights, as well as for handling web service requests and API calls. You can configure Spectrum Technology Platform to use HTTPS if you want to secure these network communications.

This section describes how to configure the Spectrum server to use Secure Socket Layer (SSL). Technically, the term "SSL" now refers to the Transport Layer ouSecurity (TLS) protocol, which is based on the original SSL specification. Before you configure HTTPS on the Spectrum server, you will need to create an RSA public/private key pair, generate a certificate signing request (CSR) that embeds your public key, share your CSR with a Certificate Authority (CA) to receive a final certificate or a certificate chain, and install the final certificate on the Spectrum server.

You can also also use a self-signed certificate, although this is only recommended for test purposes.

If you want to use HTTPS and you are running Spectrum Technology Platform in a cluster, do not follow this procedure. Instead, configure the load balancer to use HTTPS for communication with clients. Communication between the load balancer and the Spectrum Technology Platform nodes, and between the nodes themselves, will be unencrypted because Spectrum Technology Platform clustering does not support HTTPS. The load balancer and the Spectrum Technology Platform servers in the cluster must be behind a firewall to provide a secure environment.