Explains what the feature is or what its benefits are to the user or customer.
You should use SSL (secure socket layers) for sending data to and from ThoughtSpot.
SSL provides authentication and data security. This section applies to both SSL to enable secure
HTTP and secure LDAP.
Many IT departments require SSL for their applications that access data. To use SSL with ThoughtSpot,
you'll need your company's own SSL certificate. The certificate is issued per domain, so if you
want to use SSL for both HTTP and LDAP, you will need two separate certificates - one for the
HTTP domain and one for the LDAP domain.
If you do not have an SSL certificate:
Check with your IT department to see if they already have an SSL certificate you can
If not, you will need to obtain the certificate from an issuing authority.
Alternatively, you may disable SSL if you don't want the security it provides by using
the command tscli ssl off.
There are many SSL vendors to choose from. Check with your existing Web hosting provider
first, to see if they can provide the certificate for you.
When you apply for the SSL certificate, you may specify a SAN, wildcard, or single domain
certificate. Any of these can work with ThoughtSpot.
Set the recommended TLS version
There are a couple of security vulnerabilities due to SSL certificates supporting older versions of TLS (Transport Layer Security). This procedure shows you how to set the recommended TLS version to avoid these vulnerabilities.