Skip to content

Configure SSL for Privacera services

If required, you can enable/disable SSL for the following Privacera services. Just add the SSL property of the service you want to configure to the vars.ssl.yml file, and set it to true/false.

  • Solr
  • AuditServer
  • Portal
  • Ranger
  • DataServer

Solr Service

To enable Solr SSL, use the following property:



If you are transitioning an existing, working non-SSL Privacera environment where all the Privacera services are running to SSL or vice-versa, then the entire update process would take around 15-30 minutes more to complete due to the additional Solr transition process included.

AuditServer Service

To enable AuditServer SSL, use the following property:


Portal Service

To enable Portal SSL, use the following property:


Grafana Service

To enable Grafana SSL, use the following property:


Ranger Service

To enable Ranger SSL, use the following property:


DataServer Service

Enabling DataServer Proxy SSL

To enable DataServer Proxy SSL, click the tabs to show the properties:

For self-signed certificates, use the following property:


For signed certificates, do the following:

  1. Copy the following three keys to the location ~/privacera/privacera-manager/config/ssl:

    • Signed PEM Full Chain
    • Signed PEM Private Key
  2. Add the following properties.


    (Optional) Along with the properties above, if your CA certificate is generated with a private key, then copy the Signed Root CA Public Key to the location ~/privacera/privacera-manager/config/ssl and add the following:


Disabling DataServer Proxy SSL

To disable DataServer Proxy SSL, then do the following:

  1. Set the value of the following property to false:

  2. When switching between Dataserver SSL to non-SSL or self-signed to signed, or vice-versa, then remove previously generated DataServer SSL configuration before you run Privacera Manager update.

    Use the following command:

    rm -rf ~/privacera/privacera-manager/config/ssl/dataserver*