By default Privacera creates self-signed SSL certificates for accessing the Web Interfaces and REST end points. You have the option to bring your own SSL certificates or CA Signed Certificates. There are multiple endpoints. You can create a wild card certificate or get individual certificates.
Given below are the list of all the end points from Privacera. You might have to get the SSL certificates for the services you will be enabling.
|Service||Domain Prefix||Privacera Features|
|Ranger Admin||ranger||Access Manager, Encryption|
|Privacera Portal||portal||Access Manager, Discovery, Encryption|
|Privacera Data Access Server||dataserver||Access Manager|
|Privacera Audit Server||auditserver||Access Manager, Discovery, Encryption|
|Apache Solr||solr||Access Manager, Discovery, Encryption|
If you are using Privacera Encryption, then there is an option to store the master key in external HSM. If you intend to use external HSM, then the following are supported.
Encryption Key for StorageClass#
If you are deploying Privacera in Kubernetes and if you are using encrypted StorageClass, then the key used will be needed during configuring Privacera. So please make it available