Secure a server instance

MATLAB® Production Server™ uses HTTPS for security. You can configure the security of a server instance to be as broad or specific as required. The instance can simply encrypt the communication channel between it and a client or it can block unauthorized clients from accessing applications.


expand all

httpsURL that server instance uses for secure connections
ssl-allowed-clientMATLAB programs a client can access
ssl-ciphersList of cipher suites to use
ssl-tmp-ec-paramElliptical curve used in ECDHE ciphers
ssl-protocolsList of allowed SSL protocols
ssl-tmp-dh-paramFile containing a pregenerated ephemeral DH key
ssl-verify-peer-modeLevel of client verification the server instance requires
x509-ca-file-storeFile containing the server certificate authority file
x509-cert-chainFile containing the server certificate chain
x509-passphraseFile containing the passphrase that decodes the private key
x509-private-keyFile containing the PEM formatted private key
x509-use-crlUse the certificate revocation list
x509-use-system-storeUse the CA store provided by the system
access-control-providerIdentity management service provider name
access-control-configPath to the identity management service provider configuration file
access-control-policyPath to the access control policy file


Enable Security

To enable security, add the following to the server instance’s configuration:

Configure Client Authentication

To ensure that only trusted client applications have access to a server instance, configure the server instance to require client authentication:

Specify Access to MATLAB Programs

By default, server instances allow all clients to access all hosted MATLAB programs.

Adjust Security Protocols

By default, MATLAB Production Server instances try to use TLSv1.2 to secure connections between client and server.

Improve Startup Time When Security Is Activated

When a server instance is configured to use HTTPS, it generates an ephemeral DH key at startup.

Access Control

Description of access control configuration file and policy file in JSON.