+2 votes

Is there a way of securing the JSON RPC network traffic please?


asked Oct 28, 2016 by fuzz

1 Answer

0 votes

We haven't yet tested or documented this, but there's a set of -rpcssl* options that you can see when you run multichaind with no parameters. MultiChain *should* have inherited all this functionality from Bitcoin Core, but like I said, we haven't tested it yet. If you're feeling brave, please take a look and tell us what you find.

answered Oct 28, 2016 by MultiChain
Well, I tested it & it works fine for me. I generated a X.509 certificate along with a private key, put the appropriate parameters in my command line and it worked just well on both a browser and a Java client. Note for the future: a possibility to use an encrypted private key file (PKCS#8 or PEM) would be fine, it's never good to keep a private key in clear on a filesystem.
Here's the doc for the multichaind SSL parameters:
RPC SSL options
  -rpcssl                                  Use OpenSSL (https) for JSON-RPC connections
  -rpcsslcertificatechainfile=<file.cert>  Server certificate file (default: server.cert)
  -rpcsslprivatekeyfile=<file.pem>         Server private key (default: server.pem)
  -rpcsslciphers=<ciphers>                 Acceptable ciphers (default: TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH)