Using SPARKL in the cloud

To use SPARKL in the cloud, you should secure communication with the SPARKLĀ® Developer Console through TLS/SSL.

Before you begin

  1. Stop the SPARKL node you want to edit.
  2. Create a machine key with OpenSSL.
  3. Obtain a certificate for your machine(s), signed by an SSL provider, such as GoDaddy.
Tip: The SSL provider may use an intermediate certificate chain, in which case you get a chain certificate as well.

About this task

To provide a secure layer for communication, you have to upload a number of files to your node and reference them in the configuration of the node. The files needed are:

  • The machine key
  • One or more signed certificates, depending on the SSL provider's policies
Note: If you run SPARKL in a cluster, you have to edit the contact node.


  1. Place the files listed above in the ssl directory of the node.
    The ssl directory is created at auto-configuration, just like the configuration file of the node.

    By default, ssl contains the localhost.key machine key and the localhost.crt certificate.

    Tip: You may delete the default key and certificate if not needed anymore.
  2. Open the sys.config of the node in a text editor.
  3. Edit the sse_yaws entries, as listed:
    sse_yaws is a SPARKL extension responsible for handling the REST setup.
    1. Reference the machine key you have uploaded to the ssl directory.
      {yaws_ssl_key_file, "ssl/mymachine.key"}
    2. Reference the SSL certificate you have uploaded to the ssl directory.
      {yaws_ssl_cert_file, "ssl/mydomain.crt"}
    3. Optional: Reference the chain certificate you have uploaded to the ssl directory.
      {yaws_ssl_cacert_file, "ssl/"}
    4. Specify the number of intermediate certificates between you and the root certificate authority.


You can use the secured port, which by default is port 9000, to run the SPARKLĀ® Developer Console.

For example, based on the sample configuration below,


Tip: If you want to disable either the plain or the secured port, just omit the related entry, or set the port of either to `undefined`.

What to do next

Save the changes and restart the node.