Skip to content

Change the Token for Encrypting the Credentials


If you keep the standard installation, MongoDB is used as credential store. For security reasons, change the pre-configured token used for encrypting the credentials. The token may be any string.

Hint - how to change the configuration

In the instructions below, SEAL Operator CLI is used for changing the configuration. You can also use the Consul Web interface.

Caution - possible data loss

If you execute this step on a running system, you need to backup the MongoDB beforehand and restore the data afterwards. Otherwise data loss will happen!

  1. Open a Command Prompt or PowerShell.

  2. Export the complete configuration of SEAL Operator from Consul to a YAML file with the following command. So you're making sure the current configuration settings are being used.

    operator config export <filename>.yml --insecure
    
  3. Edit the exported file <filename>.yml.

  4. In the env section, specify the new token in the key MONGO_TOKEN:

    env:
      service:
        ...
        operator-server:
          tag:
            any:
              MONGO_TOKEN: 'new_secure_token'
        ...
    
  5. Save the file.

  6. Re-import it to Consul.

    operator config import <filename>.yml --insecure
    
  7. Stop all SEAL Operator services.

    operator service stop
    
  8. When using a PowerShell, delete the complete data directory of MongoDB with the following command:

    rmdir -r %PROGRAMDATA%\SEAL Systems\data\seal-mongodb
    

    When in a Command Prompt, use the following command instead:

    rmdir /q /s %PROGRAMDATA%\SEAL Systems\data\seal-mongodb
    
  9. Restart the service seal-mongodb.

    operator service start seal-mongodb
    
  10. Restart the complete SEAL Operator System.

    operator service start
    

Back to top