...
Mount the certificate into /application/certs/ in the backend container and then set server.ssl.key-store to the full path of the certificate, e.g. /applications/certs/backend.p12.
About the database encryption password
The value you provide for jasypt.encryptor.password is used to derive a key which in turn is used to encrypt sensitive information (e.g. api keys) in the database. If you change the password later and restart the backend, the key will be different you will run into errors. It is recommended to choose a secure password initially and stick to it, but if you have to change the password, you can follow this procedure:
Set
jasypt.encryptor.passwordto your new password and add an additional propertyjasypt.encryptor.old-passwordset to your old password.Now startup the backend. It will decrypt all sensitive information in the database with the key derived from the old password and the encrypt it again with the key derived from the new password. Once the process is finished, the container will exit.
Now remove
jasypt.encryptor.old-passwordand start the backend again.
About Backend scalability
The backend does currently not support multiple parallel instances. Do not run more than 1 backend process The main issue is that agents would connect their websocket to only 1 backend instance and then to some instances the agent would appear connected and to others it would not.
...