Securing¶
TLS¶
The SEAL NATS server can use TLS semantics to encrypt client, route, and monitoring connections. To enable TLS encryption follow these steps:
-
Open the
%ProgramData%\SEAL Systems\config\nats.confconfiguration file. -
Uncomment the following section:
# # TLS configuration # tls: { # cert_file: "./cert.pem" # key_file: "./key.pem" # } -
Insert the paths to certificate and key files.
# TLS configuration tls: { cert_file: "C:\\ProgramData\\SEAL Systems\\config\\tls-external\\cert.pem" key_file: "C:\\ProgramData\\SEAL Systems\\config\\tls-external\\key.pem" } -
Save the file.
-
In a PowerShell (Administrator), restart the service:
Restart-Service seal-nats
Token Authentication¶
Client connections can also get secured by token authentication. To use this method follow these steps:
-
Open the
%ProgramData%\SEAL Systems\config\nats.confconfiguration file. -
Uncomment the following section:
# Secure connection with token authorization { token: "unsecure_token" } -
Provide a secure token.
Example - authorization
# Secure connection with token authorization { token: "G!(<TyIxhB.r^/yLYj;d)+c@g;!9vFn" } -
Save the file.
-
In a PowerShell (Administrator), restart the service:
Restart-Service seal-nats