License Type | On-Premise |
Agent Mode | N/A |
Main Product Category | Administration |
Sub Category | Distributed Installation |
Objective
Connect your distributed EOP installation to an Azure MySQL database instance, via an encrypted TLS connection.
Process
Note: If running the installer to create a new instance of Contrast, the Azure MySQL Database server must be configured temporarily not to require TLS (by setting the database server property
require_secure_transport
to OFF
). You must complete the installation first and can then change the settings to require TLS if desired (changes will take effect on restart).Configure the JDBC URL on each of your EOP nodes to require TLS, by modifying the value of the jdbc.url
parameter in the database.properties
file using the encrypted properties editor (as documented here) to add the options requireSSL
and useSSL
as follows:
jdbc:mysql://<your_azure_url>:<port>/contrast?requireSSL=true&useSSL=true
Please replace:
<your_azure_url>
with the URL to your Azure MySQL database instance<port>
with the database server port being used.
Quit and save the changes. Restart your contrast-server process.
Note: If restricting the database to only accept TLSv1.2 connections it may be necessary (depending on the Java version in use) to additionally force that protocol in the connection string (
jdbc.url
) by adding enabledSslProtocolSuites=TLSv1.2
.