License Type | On-Premise |
Agent Mode | N/A |
Main Product Category | Administration |
Sub Category | Distributed Installation |
Objective
Connect your distributed EOP installation to an Azure MySQL database instance, via an encrypted TLS connection.
Process
Configure the JDBC URL on each of your EOP nodes to require SSL (TLS), by modifying the value of the jdbc.url
parameter in the database.properties
file using the encrypted properties editor as documented here) as follows:
jdbc:mysql://<your_azure_url>:<port>/contrast?useUnicode=yes&characterEncoding=UTF-8&requireSSL=true&useSSL=true
Please replace:
<your_azure_url>
with the URL to your Azure MySQL instance<port>
with the database server port being used (see this article for details on options).
Quit and save the changes. Restart your contrast-server process.
Note: If restricting the database to only accept TLSv1.2 connections it may be necessary (depending on the Java version in use) to additionally force that protocol in the connection string (
jdbc.url
). For EOP installations lower than 3.8.10 you can do so by adding enabledTLSProtocols=TLSv1.2
. For EOP versions 3.8.10 or greater (which use the mariadb driver) use enabledSslProtocolSuites=TLSv1.2
.