Sonatype CLM Server - Installation And Deployment Guide

3.8. HTTPS/SSL

One option to expose the CLM server via https, is to use an external server like Apache httpd or nginx and configure it for reverse proxying the external connections via https to internal http connection. This reverse proxy can be installed on the same server as the Sonatype CLM server or a different server and numerous tutorials for this setup are available on the internet.

A second option is to directly configure SSL support for Dropwizard by modifying the http: segment in the config.yml file following the example in HTTPS Configuration in config.yml.

HTTPS Configuration in config.yml

http:
  port: 8443
  adminport: 8471

  connectorType: nonblocking+ssl

  ssl:
    keyStore: /path/to/your/keystore/file
    keyStorePassword: yourpassword

The keystore file can be generated and managed with the keytool. Further documentation is available in the Dropwizard documentation and the documentation for keytool.