GridGain Developers Hub

Securing Connection

GridGain Cloud supports JDBC and ODBC connectivity as well as REST protocol and thin clients. These APIs make it possible to use the managed offering for distributed SQL database and key-value store scenarios. Communication between your applications and GridGain Cloud is secured and encrypted. This article covers this in more details.

Authentication and Encryption

The communication channel between a cluster and your applications is always encrypted with the SSL/TLS protocol. GridGain Cloud generates a unique certificate for your account that must be used to open a secured connection from the applications' side. It’s required for all the available connectivity options such as JDBC/ODBC, REST, or thin clients.

First, when you start a new cluster make sure that a hard-to-hack password is set to prevent unauthorized access. Generate a long password with a combination of letters, digits, and symbols, as follows:​

GridGain Cloud Setup

Next, click on the name of an already started cluster from the running clusters list:

GridGain Cloud Clusters

and download the required SSL certificate:

GridGain Cloud Settings

Installing Self-Signed Certificate

Presently, GridGain Cloud certificates are self-signed which provokes warning messages in regards to an unsecured connection in browsers such as Google Chrome, Safari, and others.

To ignore this kind of warning, you need to install your self-signed certificate on your host operating system. The steps below outline how to do that on Mac OS:

  • Download your personal Java key store and export the self-signed certificate from it using the following command:

    keytool -export -alias server -file certfile.cer -keystore keyStore.jks -storepass <SSL Password>
  • Add the self-signed certificate to Mac OS by launching Keychain Access application. Just click on your certificate to start Keychain Access.

  • Add the certificate to the System category. It has to be added to the System category to ensure that all users and local system processes trust it.

  • Open the self-signed certificate in System (named as server by default), expand Trust, and select Always Trust for all the options. Save your changes.

If your operating system is different from Mac OS, then refer to its self-signed certificate installation guides.​