TLS Support

Server certificate

By default, STEVE listens on port 8080 and expects non-TLS requests. This can be changed by using the appropriate environment variables with Docker run. See: https://samtrafiken.atlassian.net/wiki/spaces/BOB/pages/2706964481.

If no server certificate is configured, STEVE’s default server certificate is used. It will be useful if the client can be configured to trust the default server certificate. If not, configure your own server certificate in STEVE and run STEVE behind a web server (Apache, NGINX) under a proper domain name matching the common name of the certificate.

Client certificate

A client certificate is not needed in the call to STEVE. If there is a client certificate present, it is always accepted. This certificate will not be included in the call from STEVE to the target system.

Configuration of the client certificate to use by STEVE in the call to the target system is done by uploading client certificate and key files in STEVE UI Config view.