SSL
Kadeck supports access via https as long as an SSL certificate is configured.
The example below uses a self-signed certificate but we recommend the usage of certificates issued by trusted providers.
Creating a self-signed certificate and keystore (for demo purposes only)
The following command, will create a self-signed RSA certificate with 2048 bits and store it inside a keystore file:
- keytool -genkey -keyalg RSA -alias kadeckweb -keystore selfsigned.jks -validity <days> -keysize 2048
Enter the password to access the certificate in the keystore and then fill in the rest of the requested data.
To validate that the keystore has a valid certificate, run the following command:
- keytool -list -v -keystore selfsigned.jks
The tool should prompt for the password to access the certificate and show the information entered in the previous steps.
Configuring the KaDeck docker container
Start the container using the following environment variables and volume:
- docker run -d --network host --name=kadeckweb -e xeotek_kadeck_secret="<secret>" -e xeotek_kadeck_teamid="<teamid>" -e xeotek_kadeck_port=443 -e xeotek_kadeck_keystore_path="/opt/xeotek/selfsigned.jks" -e xeotek_kadeck_keystore_pass="<your_keystore_password>" -e xeotek_kadeck_keystore_alias="<your_keystore_alias>" -v "<absolute_path_to_jks_file>":"/opt/xeotek/selfsigned.jks" xeotek/kadeckweb
<teamid> and <secret> are the credentials to access your licenses.
<your_keystore_pass> and <your_keystore_alias> are values defined previously. The `- alias` parameter passed to keytool corresponds to the keystore alias and the password is the same as the one prompted to access the certificate.
<absolute_path_to_jks_file> as the name refers is the path on the OS where the keystore file is located.
The port 443 needs to be configured as Kadeck doesn't automatically set the port to 443 when the SSL configuration is configured.
Related Articles
General SASL/Keberos configuration
This article describes how to configure a server connection with SASL and Kerberos correctly. Introduction Kadeck supports a variety of configurations when connecting to a server using SASL. Supported security protocols SASL_PLAINTEXT SASL_SSL ...Connect to Digital Ocean
This guide walks you through the steps to connect to a Kafka cluster on DigitalOcean using Kadeck. By following these instructions, you'll be able to set up a secure connection to your Kafka cluster and start managing your topics seamlessly. ...Connect to Amazon MSK
This article describes how to connect Kadeck Teams and Kadeck Desktop to Amazon MSK. Important note: Connecting to Amazon MSK with Kadeck Teams is straight forward if Kadeck Teams is deployed inside the same VPC (e.g., as EC2 or ECS instance). Learn ...Release 5.X
This article describes the changes of the version 5.x update. Latest image tag: xeotek/kadeck:5.3.0 Release 5.3 We're excited to announce the release of Kadeck 5.3.0, bringing essential updates to our platform: Auth/OpenID Authentication Integration: ...Configure LDAP Basic module
Active Directory (AD) and OpenLDAP are supported to authenticate users. LDAP is only available to specific licenses. LDAP is configured via Startup Parameters with the prefix xeotek_kadeck_authentication_ldap. To enable LDAP, the ...