10. Security

By default, inca components use ssl to communicate with each other. Credentials are automatically generated with the "bin/inca createauth" command described in step 4 of the quickstart guide. The createauth command creates keys and certificates for each inca component (the agent, depot, consumer and incat) and stores them in the $INCA_DIST/etc directory.

Inca can also be run without ssl communication (credentials then do not need to be created with the "createauth" command). To turn off ssl communication, edit the $INCA_DIST/etc/common/inca.properties file as follows:

  1. replace all instances of "incas" with "inca"

  2. change these lines to turn authentication off:
    9 # To turn authentication (i.e., SSL communication) off and on
    10 inca.agent.auth=false
    11 #inca.agent.auth=true
    ...
    67 # To turn authentication (i.e., SSL communication) off and on
    68 inca.depot.auth=false
    69 #inca.depot.auth=true
    ...
    110 # To turn authentication (i.e., SSL communication) off and on
    111 inca.consumer.auth=false
    112 #inca.consumer.auth=true