A common scenario is for companies to always require encrypted connections (TLS/SSL) to Data Virtuality and prevent insecure connections (non-TLS/non-SSL). *
Data Virtuality has TLS and non-TLS ports for connectivity. It is possible to disable the insecure ports. Modifying the transport will require a restart of Data Virtuality.
To disable non-TLS JDBC connections (port 31000)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=jdbc:remove') ;;
To disable TLS JDBC connections (port 31001)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=jdbc-ssl:remove') ;;
To disable non-TLS ODBC connections (port 35432)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=odbc:remove') ;;
To disable TLS ODBC connections (port 35433)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=odbc-ssl:remove') ;;
To disable OData connections (ports 8080 and 8443)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=odata:remove') ;;
To disable Rest API connections (ports 8080 and 8443)
CALL SYSADMIN.executeCli(script => '/subsystem=teiid/transport=odata:remove') ;;
On a related topic, you can redirect HTTP (8080) connection to HTTPS (8443).
* TLS ports are encrypted ports providing secure data transmission between you and Data Virtuality. TLS is the successor technology to SSL.
Comments
0 comments
Please sign in to leave a comment.