How to Configure SSL

This topic provides step-by-step instructions for configuring Secure Sockets Layer (SSL) in TheHive for AD, LDAP, and OAuth 2.0 authentication providers.

This guide provides configuration instructions for different environments:

• DEB package
• Docker environment

DEB package

1. Edit the TheHive environment configuration:

   Open the /etc/default/thehive file and uncomment the JAVA_OPTS variable.

   Set the path to your Java KeyStore (JKS) file:

   JAVA_OPTS="-Djavax.net.ssl.trustStore=</path/to/your-jks-file>.jks -Djavax.net.ssl.trustStorePassword=<your-keystore-password>"
   

2. Restart TheHive service:

   sudo systemctl restart thehive
   

Docker environment

1. Mount the Java KeyStore (JKS) inside the container:

   Make sure your KeyStore is accessible from within the Docker container by mounting it as a volume:

   docker run -d \
     -e "JAVA_OPTS=-Djavax.net.ssl.trustStore=/container/path/<your-jks-file>.jks -Djavax.net.ssl.trustStorePassword=<your-keystore-password>" \
     -v </host/path/to/jks>:</container/path> \
     your-thehive-image
   

2. Restart TheHive Docker container:

   docker restart <your-thehive-container>
   

Next steps

• How to Configure Authentication
• Configure a Local Authentication Provider
• Configure an Active Directory Authentication Provider
• Configure an LDAP Authentication Provider
• Configure an OAuth 2.0 Authentication Provider
• Configure a SAML Authentication Provider