Securing¶

TLS¶

The SEAL NATS server can use TLS semantics to encrypt client, route, and monitoring connections. To enable TLS encryption follow these steps:

Uncomment the following section:

# # TLS configuration
# tls: {
#   cert_file: "./cert.pem"
#   key_file: "./key.pem"
# }

Insert the paths to certificate and key files.

Example - Securing with TLS

# TLS configuration
tls: {
    cert_file: "./my_cert.pem"
    key_file: "./my_key.pem"
}

Save the file.
In a PowerShell (Administrator), restart the service:
```
Restart-Service seal-nats
```

Client connections can also get secured by token authentication. To use this method follow these steps:

Uncomment the following section:

# Secure connection with token
authorization {
    token: "unsecure_token"
}

Provide a secure token.

Example - Authorization

# Secure connection with token
authorization {
    token: "G!(<TyIxhB.r^/yLYj;d)+c@g;!9vFn"
}

Save the file.
In a PowerShell (Administrator), restart the service:
```
Restart-Service seal-nats
```