Restrict REST Access to the HTTPS Port

In a production environment, you should restrict REST access to a secure port:

  1. Edit your project's conf/jetty.xml file:

    Comment out or delete the <Call name="addConnector"> code block that includes the openidm.port.http property.

    Note

    Do not delete the <Call name="addConnector"> code blocks that contain the openidm.port.https and openidm.port.mutualauth properties.

  2. Edit resolver/boot.properties:

    • Set the openidm.port.https port number.

    • Set the openidm.port.mutualauth port number.

    • Add the property openidm.https.enabled=true.

Use a certificate to secure REST access over HTTPS. You can use self-signed certificates in a test environment. In production, all certificates should be signed by a certificate authority. The examples in this guide assume a CA-signed certificate named ca-cert.pem.

Read a different version of :