Configuring SSL

By default, your pulse™ server is configured to use plain HTTP. If you wish to use the encrypted HTTPS protocol instead, you need to configure pulse™ to use SSL. This involves two steps:

1) Setting up your certificate/key pair in a key store.
2) Enabling SSL and pointing pulse™ to your key store.

Setting Up Your Certificate

Pulse uses an embedded version of Jetty as its web server. The Jetty documentation describes the process of setting up a certificate in a JSSE keystore:

http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

Note that Step 4 in the above document is not required, this configuration is covered below.

SSL Configuration

To configure pulse™ to use HTTPS, you need to edit the configuration file $HOME/.pulse2/config.properties file. This file contains properties in the format:

<name>=<value>

You need to configure four properties: enabling SSL, the location of your key store file, the key store password and the key password:

ssl.enabled=true
ssl.keystore=/home/pulse/.keystore
ssl.password=secret
ssl.keyPassword=secret

For the change to take effect, you will need to restart your pulse™ server.

Configuring Agents

If you have are also using agents, they will need to communicate to the master using SSH. To some degree pulse™ handles this automatically, but further setup is required so that SSL connections can be established from the agent to the master. In particular, you need to import the master's certificate as a trusted certificate in the agent JVM. Certificates may be imported using the keytool utility distributed with the JDK. Refer to the keytool documentation for your Java version for further details.