MATLAB® Production Server™ uses HTTPS to establish secure connections between server instances and clients. HTTPS provides certificate-based authentication for the client to validate the connection to the server. Optionally, you can configure HTTPS such that the server can provide certificate-based authentication of the client. For more information on configuring client authentication, see Configure Client Authentication. HTTPS also provides an encrypted data path between the clients and server instances.
To configure HTTPS, specify the following properties in the
main_config configuration file of the server instance:
For more information about the server configuration file, see Edit the Configuration File.
The following configuration excerpt configures a server instance to accept secure
connections on port port, using the certificate stored in
./x509/my-cert.pem and the unencrypted private key stored in
... --https port --x509-cert-chain ./x509/my-cert.pem --x509-private-key ./x509/my-key.pem ...
Starting in R2019b, if
https is enabled on the server, you must set
properties; otherwise, the server fails to start.
In production settings that require greater security than that provided by an
unencrypted private key, use an encrypted private key. You specify the passphrase for
decrypting the private key in a file with owner-read-only access, and use the
x509-passphrase property to tell the server instance about it.
... --https port --x509-cert-chain ./x509/my-cert.pem --x509-private-key ./x509/my-key.pem --x509-passphrase ./x509/my-passphrase ...
You must set either the
http property, the
https property or both properties for the server to start. To
ensure that clients communicate with the server using only HTTPS and not HTTP, you must
http property. If both the
http properties are enabled, clients can communicate with the
server using both HTTPS and HTTP. It is recommended that you enable the
https property unless HTTP support is required.