From 0137148d180077f1183294f646c25670f456e1c8 Mon Sep 17 00:00:00 2001 From: Matthew Nesbit Date: Wed, 13 Feb 2019 17:54:30 +0000 Subject: [PATCH] Add a bit more detail on how to use RPC with TLS. (#4751) --- docs/source/clientrpc.rst | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/source/clientrpc.rst b/docs/source/clientrpc.rst index f2f8bdd7bb..bc198f51f7 100644 --- a/docs/source/clientrpc.rst +++ b/docs/source/clientrpc.rst 
@@ -437,13 +437,14 @@ It is down to client code in this case handle those duplicate items as appropria Wire security ------------- -``CordaRPCClient`` has an optional constructor parameter of type ``ClientRpcSslOptions``, defaulted to ``null``, which allows -communication with the node using SSL. Default ``null`` value means no SSL used in the context of RPC. +If TLS communications to the RPC endpoint are required the node should be configured with ``rpcSettings.useSSL=true`` see :doc:`corda-configuration-file`. +The node admin should then create a node specific RPC certificate and key, by running the node once with ``generate-rpc-ssl-settings`` command specified (see :doc:`node-commandline`). +The generated RPC TLS trust root certificate will be exported to a ``certificates/export/rpcssltruststore.jks`` file which should be distributed to the authorised RPC clients. -In order for this to work, the client needs to provide a truststore containing a certificate received from the node admin. -(The Node does not expect the RPC client to present a certificate, as the client already authenticates using the mechanism described above.) +The connecting ``CordaRPCClient`` code must then use one of the constructors with a parameter of type ``ClientRpcSslOptions`` (`JavaDoc `_) and set this constructor +argument with the appropriate path for the ``rpcssltruststore.jks`` file. The client connection will then use this to validate the RPC server handshake. -For the communication to be secure, we recommend using the standard SSL best practices for key management. +Note that RPC TLS does not use mutual authentication, and delegates fine grained user authentication and authorisation to the RPC security features detailed above. Whitelisting classes with the Corda node ----------------------------------------
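Review bot: In the rewritten "Wire security" paragraphs, the export step says the ``rpcssltruststore.jks`` file "should be distributed to the authorised RPC clients", but with the old line "we recommend using the standard SSL best practices for key management" removed, nothing now tells the admin how the trust root must reach clients or that the node's RPC private key stays on the node; since a client that trusts a substituted root will accept any server presenting a certificate chained to it, suggest adding a sentence such as "Distribute the truststore over a channel whose integrity you can verify; it contains only the public trust root, and the corresponding RPC private key must remain on the node." Also, as it appears in this hunk, the ``(`JavaDoc `_)`` reference carries no link target, so Sphinx will report an unknown target name unless the URL is supplied. Minor wording: "If TLS communications to the RPC endpoint are required the node should be configured with ``rpcSettings.useSSL=true`` see :doc:`corda-configuration-file`." needs punctuation ("are required, the node should be configured with ... (see :doc:`corda-configuration-file`)"), and "node specific" and "fine grained" should be hyphenated.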