The following SSL encrypted communications are supported for a load balancer deployment.
Communications between the browser and the Hybrid Data Pipeline Web UI when the load balancer is configured for SSL.
Communications between applications using the REST API, including the OData API, and the load balancer.
Communications between the JDBC or ODBC drivers and the load balancer.
Communications between the On-Premises Connector and the load balancer.
Important: SSL connections between the load balancer and the Hybrid Data Pipeline nodes are currently not supported.
The following guidelines should be used when implementing SSL in a Hybrid Data Pipeline environment.
The load balancer needs to be configured with the root certificate and any intermediate certificates necessary to establish the chain of trust to the root certificate.
The root certificate must be specified as the SSL certificate during installation of the Hybrid Data Pipeline server. When intermediate certificates are required for the trust chain, then the SSL certificate must be supplied in a PEM file format. When there are no intermediate certificates, then the SSL certificate can be supplied in either DER or PEM file format.
The SSL certificate specified during installation is used to generate the trust stores for the ODBC driver, JDBC driver, and On-Premises Connector. These files are written to the redist directory of the key location upon installation. Before installing the ODBC driver, the JDBC driver, or the On-Premises Connector, the trust store and properties files in the redist directory must be copied to the installer directory of the component you are installing.
Communications between the browser and the Hybrid Data Pipeline Web UI when the load balancer is configured for SSL.