ExoInsight provides the option to enable SSL support. To enable ExoInsight to communicate over an SSL channel, follow these steps:
Open the keystore.properties file located at
<installation directory>/casabase/keystore
Set the enableSSL flag to true
enableSSL=true
Set the remaining flags as follows:
Flag Name |
Description |
disableNonSSLAccess |
This setting disables the default non-SSL port (9090), making ExoInsight available only via the SSL port.
Valid values: false, true |
certValidityInDays |
The length of time you want the key to be valid. When the length of time has passed, another key will need to be generated.
Valid values: any positive integer |
certDNS_HostnameOverride |
By default, ExoInsight will utilize the hostname of the machine as the server name for the URL. This setting allows you to override the server name that ExoInsight uses for the URL. Useful in a remote server situation.
Valid values: any valid server hostname |
httpsPort |
The port to be used for the SSL connection.
Valid values: any available port on the ExoInsight host server. |
Utilizing Your Own Server Certificate
Your organization will have a process to generate certificates and keystore files for your server. Once you have the keystore file and the certificates are properly installed on the server, set the following additional parameters in the keystore.properties file located at
<installation directory>/casabase/keystore
Note: Typically the internally generated keystore file will be placed in the directory above.
Flag Name |
Description |
javaKeystorePath |
Reference to the internally generated keystore path. For Windows servers, use double-slashes to escape the backslash in the directory name. For example, if your keystore file is located at: D:\ExoInsight\mycert.pkcs12 This value would reference: D:\\ExoInsight\\mycert.pkcs12 |
javaKeyStoreType |
The type of keystore being referenced in the javaKeystorePath variable.
Valid values: JKS, PKCS12. Important Note: use PKCS12 whenever possible. Using a JKS type is possible but requires additional ExoInsight configuration. |
javaKeyStorePassword |
The password that was used when generating the keystore file. This password will be encrypted once ExoInsight is restarted. |
javaKeyManagerPassword |
Typically the same as the javaKeyStorePassword value. This password will be encrypted once ExoInsight is restarted. |
Save the keystore.properties file once complete and restart ExoInsight. ExoInsight will now be available at
https://<certDNS_HostnameOverride>:<httpsPort>/ExoInsight