IBM Spectrum Conductor and security

The Transport Layer Security (TLS) protocol uses encryption and authentication techniques to secure connections between clients and servers. TLS provides integrity and confidentiality by encrypting the data in the transmission.

TLS also enables server authentication by using a certificate to validate its identity. This authentication is especially important to prevent attacks by fraudulent servers that try to gain access to sensitive material. TLS certificates ensure that the server you are connecting to is the server to which you intend to connect.

If you are using TLS and have setup to use your own TLS certificates, you need to back up $EGO_CONFDIR/../../ascd/conf/server_ascd.xml before you perform the egoupgrade cluster command. After egoupgrade cluster has completed, replace $EGO_CONFDIR/../../ascd/conf/server_ascd.xml with the backed-up version and restart ascd.

If enabling security for the cluster management console, RESTful APIs, Elastic Stack, instance groups, or notebooks, use the security tool to automatically configure TLS.