HTTP/TLS Encryption - Overview

---

TLS Encryption with CA

In a standard installation self signed certificates are used.

Caution - security gap

Using the pre-installed self-signed certificates in a productive system is a serious security gap! For closing this security gap, you have to replace the keys of several components.

---

Follow these instructions:

• Get the TLS Certificates

• Configure TLS for the SEAL Print Client Services

  To avoid the browser certificate warnings, install valid customer certificates.

• Configure TLS for Keycloak

• Configure TLS for Consul

• Configure TLS for MongoDB

• Configure TLS for Vault

• Restart SEAL Print Client

---

Configure the SEAL Print Client Services (Separate File)

1. Set the key TLS_DIR to the following path:

   • TLS_DIR: C:\ProgramData\SEAL Systems\infrastructure\config\tls

---