+

Search Tips | Advanced Search

For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.


Security configuration for IBM MobileFirst Platform Foundation on IBM Containers

Your IBM MobileFirst™ Platform Foundation on IBM® Containers security configuration should include encrypting passwords, enabling application authenticity checking, and securing access to the consoles.


Encrypting passwords

Store the passwords for MobileFirst Server users in an encrypted format. We can use the securityUtility command available in the Liberty profile to encode passwords with either XOR or AES encryption. Encrypted passwords can then be copied into the /usr/env/server.env file. See Encrypting passwords for user roles configured in MobileFirst Server for instructions.


Application-authenticity validation

To keep unauthorized mobile applications from accessing the MobileFirst Server, enable the application-authenticity security check. Learn more...


Configure SSL for Operations Console and Analytics Console

We can secure access to the MobileFirst Operations Console and the MobileFirst Analytics Console by enabling HTTP over SSL (HTTPS) on the MobileFirst Server.

To enable HTTPS on the MobileFirst Server, create the keystore containing the certificate and place it in the usr/security folder. Then, update the usr/config/keystore.xml file to use the keystore configured.


Securing a connection to the back end

If you need a secure connection between your container and an on-premise back-end system, we can use the Bluemix® Secure Gateway service. Configuration details are provided in this article: Connecting Securely to On-Premise Backends from MobileFirst on IBM Bluemix containers.

Parent topic: Securing containers