In this release, several security-related changes took place.
- Changes to how SSL mode
is used by the Endeca Server. In this release, you can install the Endeca
Server in a secure mode with mutual SSL authentication. In secure mode, Web
service requests to the Endeca Server must use HTTPS. Additionally, your
browser should be configured for SSL. For SSL-related changes to the
endeca-cmd utility, see
Changes to endeca-cmd.
- Generating SSL keys.
If you installed Endeca Server in secure mode, you must generate the required
SSL keys with the
generate_ssl_keys utility.
- Dgraph security. The
security of the Dgraph process has been improved by ensuring that the Endeca
Server to the Dgraph communication is secure by default (if you installed the
Endeca Server in a secure SSL mode).
- Cluster security. In
this release, the Endeca Server cluster installation is secured by optionally
configured SSL during the installation process.
If the SSL mode is used, the Endeca Server to Dgraph communication
uses SSL also (and cannot be turned off). The Endeca Server to the Cluster
Coordinator communication (and the communication between the Cluster
Coordinator services themselves) is secure by default (and cannot be turned
off).
For detailed information, see the
Oracle Endeca Server Security Guide and the
Oracle Endeca Server Installation Guide (in the section
on installing the Endeca Server cluster).
For detailed information about security in the Endeca Server, see the
Oracle Endeca Server Security Guide.