Securing Monitoring Gateway Services

To secure an FTL monitoring gateway service (tibmongateway process), complete this task.

Example Command Line

tibmongateway
               --ftlserver https://ftl1:8585|https://ftl2:8585|https://ftl3:8585
               --password-file mon-gw-creds.txt
               --ftlserver-trust-file ftl-trust.pem
               --influx-server https://influx-host:8086
               --influx-trust-file inflx.pem

1. Connect only to secure FTL servers using HTTPS.
   When you supply the --ftlserver parameter on the gateway command line, specify a URL with HTTPS protocol.
2. Arrange authentication credentials to the FTL server.
   Supply the location of the gateway's credentials as the value of the --password-file parameter on the gateway command line. Ensure that this file is protected from unauthorized access.

   The user name in the file must be in the authorization group ftl.

   For further details, see "Monitoring Gateway Command Line Reference (tibmongateway)" in TIBCO FTL Monitoring.

   For file syntax, see "Password File" in TIBCO FTL Administration.

3. Arrange trust in the FTL servers.
   Arrange access to a copy of the FTL server trust file.

   Supply the file location as the value of the --ftlserver-trust-file parameter on the gateway command line.

   For further details, see "Trust File" in TIBCO FTL Administration.

4. Connect to the InfluxDB server.
   Supply a URL with HTTPS as the protocol as the value of the --influx-server parameter on the gateway command line.
5. Arrange trust in the InfluxDB server.
   Arrange access to a copy of the InfluxDB server public certificate file.

   Supply the file location as the value of the --influx-trust-file parameter on the gateway command line.