Configuring the Discovery Framework to connect to a secured MDEX Engine

This topic provides a high-level description of how you can set up the Discovery Framework to connect to a secured (HTTPS) MDEX Engine.

Several of the steps below refer to chapter 3 of the Endeca Platform Services Security Guide, entitled "Using Endeca SSL Certificate Utilities." The Endeca Platform Services Security Guide is available as part of the Platform Services documentation set on EDeN. Before attempting these steps, make sure you have a copy of that guide at hand.

Note: The steps below assume you are using the Discovery Framework Tomcat bundle.
  1. Generate the SSL certificate files for the Dgraph using the enecerts utility. This utility is available in both the Platform Services and MDEX Engine installation. For instructions, refer to the section "Generating SSL certificates" in the Endeca Platform Services Security Guide.
  2. Generate the Java KeyStore (JKS) files using the endeca-key-importer.jar utility from the Endeca Platform Services installation. For instructions, refer to the topic "Converting PEM-format keys to JKS format" in chapter 3 of the Endeca Platform Services Security Guide.
  3. Place the JKS keys into the directory containing the JSON data source files. This is typically, but not always, the endeca-portal\data\endeca-data-sources directory.
  4. Specify the caFile, certFile, caPassword, and certPassword in the appropriate JSON data source file. The following example is extracted from a larger data source file:
    "sslConfig": {
    		"caFile":"truststore.ks",
    		"caPassword":"endeca",
    		"certFile":"keystore.ks",
    		"certPassword":"endeca"
    	}
  5. Restart the Discovery Framework.