Protecting external communication with HTTPS
In this section, we will learn how to prevent eavesdropping on external communication, for example, from the internet, via the public APIs exposed by the edge server. We will use HTTPS to encrypt communication. To use HTTPS, we need to do the following:
- Create a certificate: We will create our own self-signed certificate, sufficient for development purposes
- Configure the edge server: It has to be configured to accept only HTTPS-based external traffic using the certificate
The self-signed certificate is created with the following command:
keytool -genkeypair -alias localhost -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore edge.p12 -validity 3650
The source code comes with a sample certificate file, so you don't need to run this command to run the following examples.
The command will ask for a number of parameters. When asked for a password, I entered password
. For the rest of the parameters, I simply entered an empty value to...