Configuring HTTPS for local server deployment of SysON for testing purposes

Enabling HTTPS with a self-signed certificate is intended for testing purposes only and shouldn’t be used in a production environment. Self-signed certificates don’t provide the same level of security and trust as certificates issued by a trusted Certificate Authority (CA). For production deployments, obtain a valid certificate from a trusted CA to ensure secure and reliable communication.

If you intend to install SysON on a local server or machine and allow several users to access it, you must enable HTTPS. If you don’t have a certificate, you can generate one by using keytool for testing purposes only.

This procedure requires to have the keytool application to be installed (the application comes with the Java Runtime Environment as explain in prerequisites:)

  1. Create a self-signed certificate:

    keytool -genkeypair -alias myalias -keyalg RSA -keysize 2048 -validity 365 -keystore keystore.jks
  2. If you have installed SysON with docker, just update your docker-compose file as below (otherwise, please go to next instruction):

    version: "3.8"
    services:
      database:
        ... no need to change anything in the database section
      app:
        ... just add the following configuration in the app section
        volumes:
          - ./keystore.jks:/keystore.jks
        entrypoint:
          - java
          - -jar
          - /app.jar
          - --server.ssl.key-store=./keystore.jks
          - --server.ssl.key-store-password=PASSWORD_USED_IN_STEP_1
          - --server.ssl.key-store-type=JKS
          - --server.ssl.key-alias=myalias
          - --server.ssl.key-password=PASSWORD_USED_IN_STEP_1
    networks:
      ... no need to change anything in the networks section
  3. If you have installed SysON manually, place the certificate file next to your SysON-application JAR file

  4. Launch your JAR (as explained in the start the application section with the following extra properties:

      --server.ssl.key-store=./keystore.jks \
      --server.ssl.key-store-password=PASSWORD_USED_IN_STEP_1 \
      --server.ssl.key-store-type=JKS \
      --server.ssl.key-alias=myalias \
      --server.ssl.key-password=PASSWORD_USED_IN_STEP_1
  5. Every user in your local network can now access the application at: https://SysON_SERVER_IP:8080