Title
Create new category
Edit page index title
Edit category
Edit link
Enable Native SSL/TLS for Pulse Web UI
You can enable SSL/TLS support for the Pulse Web UI without using the AD Proxy (Traefik) container.
This configuration allows users to access the Pulse Web UI directly over HTTPS through the Pulse UI container.
The ad-graphql (OLD Pulse UI) has been deprecated and has been replaced by ad-pulse-ui (NEW Pulse UI) starting from version 4.0.x and above.
SSL Configuration Variables
The Pulse UI SSL/TLS behavior is controlled through environment variables defined in the ad-core.yml configuration file under the ad-pulse-ui service.
Configuration File Location
xxxxxxxxxx$AcceloHome/config/docker/ad-core.ymlConfiguration Section
xxxxxxxxxxad-pulse-ui: environment: - SSL_ENFORCED=false - SSL_ENABLED=false - SSL_KEYDIR=/etc/acceldata/ssl/ - SSL_KEYFILE=ssl.key - SSL_CERTDIR=/etc/acceldata/ssl/ - SSL_CERTFILE=ssl.crt - SSL_PASSPHRASE=""Configure these variables to enable HTTPS and specify the SSL certificate and key files used by the Pulse Web UI.
| Variable Name | Default Value | Mandatory | Description |
|---|---|---|---|
SSL_ENFORCED | false | Yes | Enforces HTTPS for the UI port inside the container. When set to true, the HTTP port is disabled. |
SSL_ENABLED | false | Yes | Enables HTTPS for the UI port inside the container. When SSL_ENFORCED=false, both HTTP and HTTPS can be used. |
SSL_KEYDIR | /etc/acceldata/ssl/ | No | Directory inside the container where the SSL/TLS key file is located. |
SSL_KEYFILE | ssl.key | No | Name of the SSL/TLS key file. |
SSL_CERTDIR | /etc/acceldata/ssl/ | No | Directory inside the container where the SSL/TLS certificate file is located. |
SSL_CERTFILE | ssl.crt | No | Name of the SSL/TLS certificate file. |
SSL_PASSPHRASE | Empty | No | Passphrase for the SSL/TLS key file, if applicable. |
Before You Begin
Obtain the SSL certificate and private key files required for HTTPS access.
Copy the files to:
xxxxxxxxxx$AcceloHome/config/proxy/certsRename the files exactly as:
xxxxxxxxxxssl.crtssl.keyEnsure both files are readable by all Linux users:
xxxxxxxxxxchmod 0644 $AcceloHome/config/proxy/certs/ssl.crtchmod 0644 $AcceloHome/config/proxy/certs/ssl.keyConfigure SSL/TLS
Step 1: Verify the Configuration File
xxxxxxxxxxls -lha $AcceloHome/config/docker/ad-core.ymlIf the file does not exist, generate it:
xxxxxxxxxxaccelo admin makeconfig ad-coreStep 2: Configure SSL Environment Variables
Open ad-core.yml and locate the ad-pulse-ui section.
To enable HTTPS only:
xxxxxxxxxx- SSL_ENFORCED=true- SSL_ENABLED=trueWith this configuration:
- HTTPS is enabled.
- HTTP access is disabled.
- Users can access the Pulse Web UI only through HTTPS.
To enable both HTTP and HTTPS:
xxxxxxxxxx- SSL_ENFORCED=false- SSL_ENABLED=trueWith this configuration:
- HTTPS is enabled.
- HTTP remains enabled.
- Users can access the Pulse Web UI using either HTTP or HTTPS.
Step 3: Mount the Certificate Directory
Add the SSL certificate directory to the volumes section:
xxxxxxxxxxvolumes: - /etc/localtime:/etc/localtime:ro - /etc/hosts:/etc/hosts:ro - ./work/license:/etc/acceldata/license:ro - ./config/proxy/certs:/etc/acceldata/sslStep 4: Configure Network Ports
Enable both HTTP and HTTPS:
xxxxxxxxxxports: - 4000:4000 - 4001:4001- Port 4000 = HTTPS
- Port 4001 = HTTP
Example of exposing HTTPS on a different host port:
xxxxxxxxxxports: - 80:4000Step 5: Save the Configuration
Save and close the ad-core.yml file.
Step 6: Restart the Pulse UI Service
xxxxxxxxxxaccelo restart ad-pulse-uiVerify the Configuration
Check Container Logs
xxxxxxxxxxdocker logs -f ad-pulse-ui_defaultVerify Port Exposure
xxxxxxxxxxdocker ps -a | grep ad-pulse-ui_defaultAccess Pulse Using HTTPS
xxxxxxxxxxhttps://<hostname>:<https-port>Example:
xxxxxxxxxxhttps://pulse.example.com:4000Result
If the Pulse UI container starts successfully, no SSL-related errors appear in the logs, and the configured HTTPS port is accessible, SSL/TLS has been successfully enabled for the Pulse Web UI.
For details on updating and using the SSL options, see Update the SSL Options for UI.
For additional help, contact www.acceldata.force.com OR call our service desk +1 844 9433282
Copyright © 2026