Security Properties File
The /xl-release-server-home/conf/security.properties file lets you override some of the default JVM settings based on your requirements. For example, you can override the default JVM values for parameters such as networkaddress.cache.ttl and networkaddress.cache.negative.ttl.
Password Configuration
This topic explains how to change the encryption key password and the admin user's password in Release.
Enable Encrypted Passwords in Configuration Files
Release provides a mechanism to automatically encrypt passwords and enables you to refer to them, so you do not need to store third-party passwords in plain text in configuration files.
Configure the Release Server Certificate
The Release Setup Wizard can generate a self-signed digital certificate for secure communications.
Configure the Deploy Server Certificate
This topic provides information about creating and configuring a truststore, importing certificates, and adjusting Release settings to ensure secure communication with the Deploy server.
Configure SSL Options for HttpRequest
This topic covers SSL options for HttpRequest, which are settings that enable secure communication between clients and servers.
Configure HTTP Host Header Protection
To improve security, Digital.ai Release 23.1 and later includes measures to prevent HTTP Host Header Injection attacks from causing random redirects. You can now add the white-listed host names to the hostnames key in the xl-release.conf file.
Configure HTTP CSRF Protection
This topic covers Cross-Site Request Forgery (CSRF), a class of attack that forces an authenticated end user to execute unwanted actions on an application. You can configure CSRF protection in Release.
Configure HTTP sameSite Cookie Configuration
This topic explains the sameSite attribute for session cookies in Digital.ai Release 22.1 and later, which enhances security by restricting cookies to first-party or same-site contexts.
Configure Maximum Size of HTTP Request Header
With the maximum size of the HTTP request header set to 8 KB (8192 bytes), it becomes difficult to pass authentication tokens and scopes in headers. With Release 24.1, you can therefore use the server.max-http-request-header-size parameter to configure the maximum size of the HTTP request header that the Release server can accept. The appropriate value for this parameter depends on the specifics of your application and environment.
Configure Session Timeout
This topic outlines how to configure session timeout and session storage settings in Release.
Configure Pendo Analytics and Guidance
Pendo.io is a Product Analytics platform used in Release to enrich the product experience and provide insights to the product management team.