This is relevant from Sisense V6.7 and later.
If the application database is hosted on another server, Sisense supports the SSL (Secure Sockets Layer) protocol to ensure that your connection to the application database is secure.
To establish an SSL connection with an application database hosted on another server, you must first obtain a certificate by creating your own or through a 3rd party provider and then import the certificate into both your Sisense and non-Sisense servers. Once the certificates are on both servers, you need to update Sisense configuration files that define the location of those files.
This procedure explains how to modify these configuration files to enable SSL.
To enable SSL for the Sisense application database:
- Open the MongoDB configuration file, mongodbconfig.conf, located at:
- In the configuration file, define the locations of your PEM file and the CRT file if you are using signed certificates.
PEMKeyFile: “path to mongodb.pem file”
CAFile: “path to certificate.crt file” (only if using signed certificate)
- Save your changes to the mongodbconfig.con file and open the default.yaml located at:
- In the default.yaml file, define the values for the following parameters under db_security:
sslEnabled: A boolean value. The default value is false. This value should be true when using SSL.
sslValidate: A boolean value. The default value is false. This value should be true when using self-signed certificates.
certFilePath: A string value that represents the location of your CRT file.
pemKeyFilePath: A string value that represents the location of your mongodb.pem file.
caFilePath: A string value that represents the location of your CA file when using self-signed certificates.
sslValidate: false (only if using self-signed certificate)
certFilePath: 'path to certificate.crt file'
pemKeyFilePath: 'path to mongodb.pem file'
caFilePath: 'path to CA file' (only if using signed certificate)
- Save your changes and open the Sisense.WebQueryService.exe.config file located at:
- Edit the connection string and add the SSL flag:
<add name="Mongo" connectionString="mongodb://AppUser:we6jBsd0K6lvfaTmA==@localhost:27018/admin?ssl=true" />
- Under <apSettings>, add two new fields:
<add key=”SslPfxFilePath” value=”path to the PFX file”/><add key=”SslPfxFilePassword” value=”PFX file password”/>Note: If you are using self-signed certificates, you can add it to the trusted root certificate authorities of your operating system by running the PFX file.
- Save your changes. SSL is now enabled. If you need to connect directly to your MongoDB with an application such as RoboMongo, you can enter your SSL configuration when creating or editing a connection.
Hey! Was this article helpful?
Questions? Ask the community.