Configuring SSL on load balancer

Configuring SSL termination at the load balancer, which is required, involves configuring your load balancer pool with your SSL certificate information and the addresses of your web app nodes, then ensuring your JiveURL property matches the load balancer.

This procedure describes how to configure SSL termination at the load balancer, which is required to effectively secure your installation. Running the Jive site behind a load balancer allows you to operate your Jive web application nodes on a separate, non-public network. For this reason most customers find it sufficient to terminate SSL at the load balancer and proxy http connections to the web application nodes. For information on how to also configure SSL encryption between your load balancer and each web application node, see Configuring SSL between load balancer and web app nodes.

Note: To ensure consistent results, you should enable SSL for your UAT environment as well as your production instance of Jive. To properly test and implement SSL, you need certificates for community.yourdomain.com (Production) as well as community-uat.yourdomain.com and apps.community-uat.yourdomain.com (UAT). If you're a hosted customer, you can contact Support instead of using the steps below to apply the certificates. For more information about Apps subdomain security, see Creating secure subdomains for apps.

To configure SSL termination at the load balancer:

  1. Configure your load balancer pool to use the SSL certificates you've acquired for your sites.
  2. Create a DNS record for each domain that resolves to your load balancer pool's IP address.
  3. Add all of your site's web application node addresses and ports to the balancer pool. For example, add:
    http://myapp-wa01.internal.mycompany.com:8080
    http://myapp-wa02.internal.mycompany.com:8080
    http://myapp-wa03.internal.mycompany.com:8080
  4. On each of the webapp nodes, set the required proxy-related properties and restart. For example:
    jive set webapp.http_proxy_name community.mycompany.com
    jive set webapp.http_proxy_port 443
    jive set webapp.http_proxy_scheme https
  5. Make sure that the jiveURL property in Jive's core database is set to the address of the load balancer by going to System > Management > System Properties and checking the setting of the jiveURL system property.
  6. Restart Jive on all the web application nodes.