Masking Passphrase For JKS When Enabling TLS/SSL For MongoDB

In this post, I’ll share how to set up and hide the passphrase when enabling HTTPS and TLS for MongoDB in Ambience202x.

In this example, we assume the CA signed cert and Server CA signed cert are in the same machine where Ambience202x is running.

1. Import the certs into etc/https

2. Create a file containing the JKS passphrase and location of the certs

3. Append the following to the run-server
a. If you run Ambience202x as a service. The passphrase won’t be visible as a clear-text password.