-XX:JITServerMetricsSSLKey / -XX:JITServerMetricsSSLCert
These options specify the names of the files that contain the private TLS or SSL key and certificate that are used for authentication and encryption of the custom metrics.
Syntax
-XX:JITServerMetricsSSLKey=<key_file>
-XX:JITServerMetricsSSLCert=<cert_file>
Where <key_file> specifies the name of the file that contains the private TLS or SSL key and <cert_file> specifies the name of the file that contains the private TLS or SSL certificate.
The files must all be in .pem file format.
| Setting | Effect | Default |
|---|---|---|
-XX:JITServerMetricsSSLKey |
Set metrics SSL key | None |
-XX:JITServerMetricsSSLCert |
Set metrics SSL certificate | None |
Explanation
Custom metrics are exported by the JITServer server and collected by a monitoring agent, such as Prometheus. The exported data is sent in clear text by default. To secure this data with TLS or SSL authentication and encryption, specify the private key (<key>.pem) and the certificate (<cert>.pem) at the server:
-XX:JITServerMetricsSSLKey=<key>.pem -XX:JITServerMetricsSSLCert=<cert>.pem
You must specify both the options for TLS or SSL authentication and encryption.
Note: To enable the export of custom metrics, you must specify the -XX:[+|-]JITServerMetrics option.