Skip to content

Overview


All communication within SEAL Operator is TLS encrypted. In the standard installation, self-signed certificates are used for this.

Caution - security gap

Using the pre-installed self-signed certificates in a productive system is a serious security gap!

Execute the following steps to secure the different components of SEAL Operator and avoid certificate warnings in the browser.


Requirements

Get a TLS certificate in PEM format with a key.pem and a cert.pem file.

This certificate has to contain the following entries:

  • localhost (for local connections on a server)

  • Server name of SEAL Operator

Hint - certificate authority

All TLS certificates have to be signed by the same certificate authority (CA).

Hint - other formats

For how to convert other certificate formats, refer to Convert Certificates.


Secure SEAL Operator

In order to secure SEAL Operator, execute the following steps:

Hint - secure MongoDB

For how to secure MongoDB in general, refer to the SEAL-specific MongoDB documentation.

  • For how to secure SEAL NATS, refer to the SEAL NATS documentation.

Next Step

Continue with: Secure the SEAL Operator Services


Back to top