Enabling SSL in Liberty for IBM Cloud Private
You can enable SSL to secure Liberty servers that run in IBM Cloud Private.
About this task
A minimal level of SSL is enabled by default. To configure secure communications, select one of
the following methods, which might depend on whether you run in a development or production environment:
- Automatically enable SSL, and generate self-signed certificates. Optimal for development, since
this is the simplest way to establish trust between applications. However, self-signed certificates
are inherently not trusted by a browser.
Typically, you select this option when you want to quickly enable secure communication between Liberty applications in a Kubernetes cluster. Generating self-signed certificates means that your browser window will require you to add an exception before you go to a specified URL.
- Enable SSL using third-party certificates.
Select this option to run Liberty in an environment where you already have existing third-party certificates with trust already established.
- Accept the default SSL values within the Liberty Docker image. Applications do not
automatically communicate across different servers when you accept this option.
By accepting these default values and not using the Kubernetes secrets, the server has its own identity and might not be able to communicate with other servers.
SSL is enabled by default. If you want to disable SSL, you can complete steps in this topic.