ClusterWare User Guide
  • 👋Welcome to ClusterWare!
  • Learning Path
    • 🔭Overview
    • 1️⃣Create a distributed NodeJS application in 10 minutes
      • Step 1: Create a new cluster
      • Step 2: Onboard servers to ClusterWare
      • Step 3: Install server software
      • Step 4: Create application instances
      • Step 5: Import application source code
      • Step 6: Start the application
      • Step 7: Create and start application load balancer
    • 2️⃣Uniformly secure access to your infrastructure
      • Step 1: Create Security Policy
      • Step 2: Install Firewall
      • Step 3: Apply Security Policies
    • 3️⃣Secure the data in-transit with SSL
      • Step 1: Gateway Security
      • Step 2: Endpoints Security
    • 4️⃣Eliminate a single point of failure in 10 minutes
      • Step 1: Onboard a new server
      • Step 2: Install Niginx
      • Step 3: Configure DNS
      • Step 4: Create and start the failover load balancer
      • Step 5: Run a load balancer outage experiment
  • Fundamentals
    • 🧩Sync, Insights, Tasks
    • 🤖Supported Technologies
    • 🛡️Server Authentication Methods
    • 💡Connectivity Troubleshooting
  • Services
    • Clusters
      • Cluster Selection & Creation
      • Editing Cluster
      • Notification Subscriptions
      • Auto-deployment (CI/CD)
    • Dashboard
      • Load Balancers & Applications
    • Servers
      • Create/Edit Server
      • Status
      • Software
      • Security
        • Enabling Non-Root Firewall Status Checking
        • Changing Firewall Status
        • Applying Security Policies
      • Metrics
      • Alerts
    • Applications
      • Create/Edit Application
      • Status
      • Git
      • Output Log / Error Log
      • Metrics
      • Alerts
    • Load Balancing
      • Create/Edit Load Balancer
      • Status
      • Gateway Security
      • Endpoint Security
    • Security Policies
      • Create/Edit Security Policy
Powered by GitBook
On this page
  • a) Add ENABLE_SSL flag
  • b) Restart applications to use secure (HTTPS) server
  • c) Update the Load Balancer config
  • Congratulations! You have secured all the traffic in your application with SSL!
  1. Learning Path
  2. Secure the data in-transit with SSL

Step 2: Endpoints Security

PreviousStep 1: Gateway SecurityNextEliminate a single point of failure in 10 minutes

Last updated 11 months ago

a) Add ENABLE_SSL flag

Note: flag is specific to the "Distributed Timer" app that we use for demo purposes. You may use a different way to determine when to create a secure server or even skip that check in your application if you want to always create a secure server.

  1. Navigate to the Dashboard service and click Edit Cluster button

  1. Add a new Environment Variable and click Save cluster

Key
Value

ENABLE_SSL

true

Note: The endpoint certificate and the endpoint certificate key are passed as environment variables automatically by ClusterWare

b) Restart applications to use secure (HTTPS) server

  1. Navigate to the Applications service

  1. Click Deploy all apps

c) Update the Load Balancer config

  1. Navigate to the Load Balancing service. Notice the endpoints are not secured yet.

  1. Open Endpoint Security tab. Click Upload endpoint certificates to this Load Balancer. Uploading certificates to the load balancer requires root privileges. Provide Root password and click OK.

This action uploads the ClusterWare provided endpoint certificate to the server that is hosting the load balancer. It is the same certificate that ClusterWare provides to the applications in the Environment Variables.

  1. Toggle SSL for Endpoints option.

Toggling the option results in showing Not in config tag until the load balancer is restarted.

  1. Go back to load balancer Status tab. Click Restart Load Balancer. Provide Root password and click OK

  1. The endpoints should be marked as secured now.

  1. Open the load balancer URL to check if the changes were applied.

The endpoint certificates are not customer-facing. Hence you can't inspect them directly in the browser. Once the Endpoints secured icon shows up, the load balancer is instructed to allow the traffic ONLY to the applications that present this endpoint certificate.

Congratulations! You have secured all the traffic in your application with SSL!

3️⃣
👏
ENABLE_SSL