Enable TLS between Client and DPG

For Kubernetes deployment with Helm

1. In the values.yaml file, under configuration, set the value of tlsenabled to true to configure DPG as a TLS terminator for clients.

2. Add the below lines to the data section of kind:Secret in the deployment.yaml file.

           data:
                 server.crt: {{.Values.configuration.servercrt}}
                 server.key: {{.Values.configuration.serverkey}}
   

3. Update your DPG deployment using the following command.

       helm upgrade <helm-chart-name> <path-of-helm-chart> -n <namespace>
   

For Kubernetes deployment without Helm

1. In your deployment file, in the data section of ConfigMap, set TLS_ENABLED to true.

2. Add the below lines to the data section of kind:Secret in the deployment.yaml file.

           data:
             server.crt: <tls-certificate>
             server.key: <tls-key>
   

3. Update your DPG deployment using the following command.

       kubectl replace -f `<deployment_filename>` -n `<namespace>
   

For Standalone deployment

1. Stop the existing container.

2. In the environment variable, set the TLS_ENABLED field to true. When you set TLS_ENABLED to true, you must specify the following variables:

   • CERT_VALUE

   • KEY_VALUE

3. Restart the container using the following command.

       docker run -d --name < name> -p <host-port>:<DPG_port> -e "KMS=<ipaddress/hostname>" -e "TLS_ENABLED=true" -e "CERT_PATH=<cert value>" -e "KEY_PATH=<key value>" -e "REG_TOKEN=<registrationtoken>" -e "DESTINATION_URL=<destinationurl>" -e "DPG_PORT=<DPG_port>" <DPG-image-name>