Stop the war

Stand with Ukraine flag

Support Ukraine

Try it now Pricing
PE Edge
Community Edition Professional Edition Cloud Edge PE Edge IoT Gateway License Server Trendz Analytics Mobile Application PE Mobile Application MQTT Broker
Documentation > Security > Edge over TLS/SSL
Getting Started
Installation Architecture API FAQ

Edge over TLS/SSL

This guide provides instructions on how to secure connections between ThingsBoard and Edge instances using gRPC connections over TLS/SSL.

It is divided into two parts: configuring the server side (the platform) and the client side (the edge).

TLS configuration of the platform

The guide suggests using HAProxy as the TLS termination point for the platform.

Ensure that you have configured Edge TLS communication in HAProxy for the Ubuntu Server by following these Post-installation steps.

Ensure that you have configured Edge TLS communication in HAProxy for the CentOS/RHEL Server by following these Post-installation steps.

Configuring Edge to Use TLS Connection

Ubuntu or CentOS/RHEL

To enable TLS communication on the Edge, execute the following command on Ubuntu or CentOS/RHEL installations:

1
2
3
sudo sh -c 'cat <<EOL >> /etc/tb-edge/conf/tb-edge.conf
export CLOUD_RPC_SSL_ENABLED=true
EOL'

To apply the changes, the Edge must be restarted:

1
sudo systemctl restart tb-edge
Docker

For Docker setups, ensure that the CLOUD_RPC_SSL_ENABLED variable in the docker-compose.yml file is set to ‘true’.

After this change, the ThingsBoard Edge docker container needs to be restarted using the command:

1
docker compose restart mytbedge

Next Steps