Securing
This section provides information on securing your HCL Sametime environments.
- Encryption usage in Sametime
HCL Sametime uses several types of encryption to protect data. - Securing connections
The various connections to Sametime can be secured using TLS. - Enabling Single Sign-on
The HCL Sametime server installer enables required JSON Web Token (JWT) authentication. Additionally, the Sametime server supports Security Assertion Markup Language (SAML) and Lightweight Third Party Authentication (LTPA) Single Sign-on (SSO). - Setting up TLS for the Mongo database
You can update the MongoDB connection with the Sametime server to encrypt data flowing between the Sametime server and a TLS-enabled MongoDB. This step is optional but is recommended for multi-Kubernetes-cluster deployments. - Replacing the TLS certificates for Web Chat and Meetings
The Sametime server is pre-configured with a self-signed certificate. You can replace the self-signed certificate with a third party certificate. - Applying Let's Encrypt certificates
This topic describes how to replace the self-signed certificate with a third-party certificate. - Customizing HTTP Headers
This topic describes how to add or override HTTP headers. - Content Security Policy
This topic describes the default content security policy and how it might be configured differently as needed.