Encrypt communication between the application and database servers

To prevent your data from being exposed in a readable format on the network, use Secure Socket Layer (SSL) to encrypt the network traffic between the application and the database servers.

If you have a dedicated server for your database (operational database or datamart database), encrypt the data traffic between the application and database servers and between the ETL and datamart servers.
Important: The following steps are applicable only in a multi-box installation setup.

Log onto the server as root user always

  1. Stop TeamForge in all the servers.
    • /etc/init.d/collabnet stop all
  2. Add the following site option tokens in all the TeamForge servers.
    1. If the operational database is running on a separate server, include the token DATABASE_SSL=on.
    2. If the datamart database is running on a separate server, include the token REPORTS_DATABASE_SSL=on
      Note: It is mandatory to include the tokens specified above in all the servers.
  3. Recreate the runtime environment in all the TeamForge servers.
    • cd /opt/collabnet/teamforge-installer/8.0.0.1
    • ./install.sh -r -n -V -d /opt/collabnet/teamforge
  4. Start TeamForge in all the servers.
    • /etc/init.d/collabnet start all
  5. Verify that your PostgreSQL database is running in the SSL mode.
    1. Log in to the database server.
    2. Run the following command:
      • grep "ssl = " var/lib/pgsql/9.3/data/postgresql.conf
      • Observe:"ssl = on"