If your network configuration requires using TLS (Transport Layer Security) encryption for communication with the Flow Server, this can be enabled by locating/creating a "bootstrap.settings" file and adding the following to the file.
{"useHttps":true}
See the article How do I change the default port that Flow components use to communicate with each other? for more information on the bootstrap.settings file.
If you've already changed the default port, as per that article, then you will need to include port properties in the bootstrap.settings file. For example:
{"port":80, "useHttps":true}
NOTE: For instances with HTTPS configured
If you are using HTTPS, you will need to add the following arguments to your Bootstrap.settings file immediately after installing Flow 7.0. Do this on all servers in your environment running a Flow Bootstrap.
- {"certificateStoreLocation" : "STORE_LOCATION"}, where STORE_LOCATION is either CurrentUser or LocalMachine
- {"certificateStoreName" : "STORE_NAME"} where STORE_NAME is either AddressBook, AuthRoot, CertificateAuthority, Disallowed, My, Root, TrustedPeople, or TrustedPublisher
- {"certificateSubject" : "SUBJECT"} where SUBJECT refers to the value of the "Subject" field in your certificate. Either a CertificateSubject or a CertificateHash must be specified.
- {"certificateHash" : "THUMBPRINT"} where THUMBPRINT refers to the value of the "Thumbprint" field in your certificate. Either a CertificateHash or a CertificateSubject must be specified.
- {"allowInvalidCertificates" : true} where the value is set to true if the validity check for the certificate should by bypassed/ignored. Set to false if only valid certificates are permitted.
Arguments 1 and 2 are mandatory. Either argument 3 or 4 must be specified. Argument 5 is optional. Once the changes are made to the Bootstrap.settings file, restart the Flow Bootstrap service.
Failure to make the above changes will cause HTTPS communication to fail.
For example, combining all the settings above, your bootstrap.settings file may look similar to:
{"port":80, "useHttps":true, "certificateStoreLocation" : "LocalMachine", "certificateStoreName" : "My", "certificateHash" : "2796bae63f1801e277261ba0d77770028f20eee4", "allowInvalidCertificates" : true}