You can use your own keystore and truststore to protect MashZone NextGen Event Service of unauthorized access.
After the installation, MashZone NextGen uses a default keystore and truststore. For security reason we recommend to change that configuration for production environments. Please make sure that the truststore, referenced by Event Service, contains the appropriate certificate for the key, referenced by MashZone NextGen. Event Service is only available if the configuration is valid.
If multiple MashZone NextGen nodes are used in a clustered scenario, it is recommended to use the same key for all MashZone NextGen instances.
The default keystore and truststore are located in the common and conf folders of the MashZone NextGen installation.
For authentication MashZone NextGen webapp sends an HTTP header "Authorization" with "Bearer [JWT]" as value.
Procedure
jwt.keystore.file
jwt.keystore.passwd
jwt.keystore.alias
The parameters are contained in the presto.config file in the following directory.
<MashzoneNG_install>\apache-tomcat\webapps\mashzone\WEB-INF\classes\
rtbs.truststore.file
rtbs.truststore.passwd
The parameters are contained in the rtbs.properties file in the following directory.
<MashzoneNG_install>\rtbs\conf\