I am looking to learn more about configuring HTTPS for our application. We were suggested to place our certificate on the load balancer but the reference article I found for Pega seems to suggested placing on the application server. We are looking for one way ssl.
Any changes needed in the ear file?
Should we try the load balancer or the server for our certificate?
Our application has services (REST SOAP) used by other systems. Will there need to be any additional settings there?
What steps are handled in infrastructure vs what steps are handled inside of Designer Studio?
Thank you in advance for any help!
Load Balancer: F5
Application Server: JBoss
Version: Pega 7.4
***Edited by Moderator: Pooja Gadige to add platform capability tag***
@Benneal92 , TLS (ssl) offloading typically happens on your F5. Depending on your security needs and infrastructure setup you could re-encrypt the traffic and terminate at your application server as well (or at container-platform ingress point). Given that you're still on Pega 7.4 I assume you're not dealing with a very security minded organization, so I don't expect you're planning to perform re-encryption. Meaning there's nothing you need to configure on JBoss, EAR, Designer Studio or service rules. As a next step I suggest to take a look at things like securing your cookies with prconfig/HTTP/SetSecureCookie/default and other settings as suggested in