controller.portare still parsed and automatically translated to a http listener configuration to enable full backwards-compatibility. TLS-secured ingress must be configured through the new listener specifications.
-controllerProtocol httpsto enable secure access. Ingestion jobs similarly support an optional
tlsSpeckey to configure key/trststores. Note, that any console clients must have access to appropriate certificates via the JVM's default key/truststore.
client.auth.enabledflag. Bear in mind that any client (or server) interacting with a component expecting client auth must have access to both, a keystore and a truststore. This setting does NOT have apply to unsecured http or netty connections.