Skip to main content

TLS with JavaScript Clients

Configuring JavaScript Clients to Use TLS with InterSystems IRIS

You can configure a JavaScript client application to use TLS when it communicates with InterSystems IRIS® data platform. To establish a JavaScript connection using TLS:

  1. Configure the superserver to use TLS as described in Configuring the InterSystems IRIS Superserver to Use TLS.

  2. Ensure that you have installed any relevant CA certificates for verifying the server certificate.

  3. Create SSLDefs.ini with a definition for your application in either the root of the installation directory C:\Program Files (x86)\Common Files\InterSystems\IRIS\ (Windows) or in an arbitrary location (Linux/UNIX®). The following example SSLDefs.ini creates a definition named GDConfig. For details on SSLDefs.ini, see Connecting from a Windows Client Using a Settings File:

    [IRIS]
Address=127.0.0.1
Port=1972
SSLConfig=GDConfig
 
[GDConfig]
TLSMinVersion=16
TLSMaxVersion=32
KeyType=2
VerifyPeer=0
CipherList=ALL:!aNULL:!eNULL:!EXP:!SSLv2
Ciphersuites=TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
Password=apasswordifany
CertFile=path/to/Cert.pem
KeyFile=path/to/Key.pem
CAfile=path/to/CACert.pem
 
[GDConfig2]
TLSMinVersion=16
TLSMaxVersion=32
KeyType=2
VerifyPeer=0
CipherList=ALL:!aNULL:!eNULL:!EXP:!SSLv2
Ciphersuites=TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
Password=apasswordifany
CertFile=path/to/AnotherCert.pem
KeyFile=path/to/AnotherKey.pem
CAfile=path/to/AnotherCACert.pem

  4. Specify the definition in your connection string. The method for doing this varies between platforms:

    • Windows — Specify the host and port used by your application and set the sslconfig parameter to true:

      const IRISNative = require('intersystems-iris')

const connection =  IRISNative.createConnection({host:'127.0.0.1', port:1972, ns:'USER', user:'_SYSTEM', pwd:'SYS', sslconfig=true})

    • Linux/UNIX® — Set the environment variable ISC_SSLconfigurations to the path of SSLDefs.ini and specify the name of the definition you want to use with the sslconfig parameter:

      const IRISNative = require('intersystems-iris')

// On Linux and Unix, lookup is based on a provided configuration name, so GDConfig2 is used
const connection =  IRISNative.createConnection({host:'127.0.0.1', port:1972, ns:'USER', user:'_SYSTEM', pwd:'SYS', sslconfig='GDConfig2'})
...
connection.close()
TLS and Windows with .ini FileNext section
Previous sectionTLS with .NET Clients
FeedbackOpens in a new tab