AlgoTraderAlgoTrader Documentation

Chapter 27. Processes and Networking

27.1. SSL security
27.1.1. Importing Certificate into Chrome Browser

By default AlgoTrader is assumed to be running within a secure network segment wherein user authentication and authorization as well SSL security are enforced by the runtime environment / operating system. The AlgoTrader process, individual strategy process and browsers running the HTML5 front-end exchange data unencrypted primarily to avoid overhead of encryption for maximal performance.

SSL security can be activated through the following property in conf.properties. Alternatively the properties can be changed via Section 2.3, “VM Arguments”:

# TLS/SSL transport security
ssl.enabled = true

By default AlgoTrader ships with a self-signed certificate. It is strongly recommended to procure a certificate from a major CA (certification authority) trusted by common browsers. As an alternative one can import the self-signed certificate shipped with AlgoTrader into the browser. However this approach is strongly discouraged for productive use.

To use SSL security please update the following properties in conf.properties. Alternatively the properties can be changed via Section 2.3, “VM Arguments”:

# Keystore with SSL key
ssl.keystore = classpath://identity.jks

# Keystore type (JKS will be assumed by default)
ssl.keystoreType =

# Keystore password
ssl.keystorePassword = password

# Private key password
ssl.keyPassword = password

When running with TLS transport security turned on AlgoTrader also enforces BASIC user authentication with a user name and a password when logging into the HTML5 front-end. User credentials can be provided in conf.properties. Alternatively the properties can be changed via Section 2.3, “VM Arguments”:

# Web UI user name
jetty.user = myusername

# Web UI password
jetty.password = secret