Tsm security external-ssl enable -cert-file -key-file Prepare the environmentĪfter you have copied the certificate files to the local computer, run the following commands: SSL certificate and key files will be distributed to each node as part of the configuration process. If you are using mutual SSL, upload the SSL CA certificate file. Make sure the SSL certificate is issued for the load balancer’s host name.Ĭonfigure the initial Tableau Server node for SSL. For assistance, refer to the documentation provided for the load balancer. In this scenario, you would then configure the load balancer to connect to Tableau Server over port 443. Or if you want to use a port other than 443, you can configure the external load balancer to terminate the non-standard port from the client. When you want to use SSL on all Tableau Server nodes that run a gateway process, you complete the following steps.Ĭonfigure the external load balancer for SSL passthrough. For more information, continue to the following section.Īdditional configuration information for Tableau Server cluster environments It’s all handled by the load balancer.Ĭonfigure Tableau Server for SSL: Traffic is encrypted from the client web browsers to the load balancer, and from the load balancer to the Tableau Server gateway processes. No SSL configuration in Tableau Server is required by you. Traffic from the load balancer to the Tableau Server gateway processes is not encrypted. If you are configuring this type of cluster for SSL, you have the following choices:Ĭonfigure the load balancer for SSL: Traffic is encrypted from the client web browsers to the load balancer. SSL with multiple gatewaysĪ highly available Tableau Server cluster can include multiple gateways, fronted by a load balancer. If the initial node is the only one running the gateway process (which it does by default), you need to configure SSL only on that node, using the steps described in this topic. You can configure a Tableau Server cluster to use SSL. Note: If you plan to configure Tableau Server for single-sign on using SAML, see Using SSL certificate and key files for SAML in the SAML requirements to help determine whether to use the same certificate files for both SSL and SAML. Many clients (Tableau Prep, Chrome and Firefox browsers, etc) require valid entry in the SAN field to establish a secure connection. Verify that the domain, host name, or IP address that clients use to connect to Tableau Server is included in the Subject Alternative Names (SAN) field.
pem).įor multiple sub-domains, Tableau Server supports wildcard certificates. All certificates in the file must be x509 PEM-encoded and the file must have a. The chain file is a concatenation of all of the certificates that form the certificate chain for the server certificate.
TABLEAU DOWNLOAD 8.3 ANDROID
The chain file is also required for the Tableau Mobile app if the certificate chain for Tableau Server is not trusted by the iOS or Android operating system on the mobile device.
TABLEAU DOWNLOAD 8.3 MAC
SSL certificate chain file: A certificate chain file is required for Tableau Desktop on the Mac and for Tableau Prep Builder on the Mac and Tableau Prep Builder on Windows. However, if you want to use the same certificate for SSL and SAML, you must use a key file that is not passphrase protected. The passphrase you enter during configuration will be encrypted while at rest. You can choose to passphrase-protect the key file. The key file must be a valid RSA or DSA private key file (with the extension. In addition to the certificate file, you must also acquire a corresponding SSL certificate key file. Most browsers no longer connect to a server that presents an SHA-1 certificate. Use a SHA-2 (256 or 512 bit) SSL certificate. When you acquire an SSL certificate for external communication to and from Tableau Server, follow these guidelines and requirements:Īll certificate files must be valid PEM-encoded X509 certificates with the extension. Names within the same domain, are also supported. Wildcard certificates, which allow you to use SSL with many host You can also use an internal certificate issued by your company.
SSL certificate requirementsĪ trusted authority (for example, Verisign, Thawte, Comodo, GoDaddy). Mutual SSL authentication is not supported on Tableau Mobile.
TABLEAU DOWNLOAD 8.3 INSTALL
For a basic primer about SSL and Tableau Server, see Using SSL to encrypt Tableau Server communication (Link opens in a new window) in the Everybody's Install Guide.
0 kommentar(er)
