taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity

updated gnatsd to nats-server

Browse Source
This commit is contained in:
ainsley
2019-05-22 13:15:35 -05:00
parent 5da9b66f5e
commit cb1d5126a1
9 changed files with 24 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
developer/security/tls.md
View File

@@ -1,13 +1,13 @@
# Encrypting Connections with TLS
While authentication limits which clients can connect, TLS can be used to check the servers identity and the clients identity and will encrypt the traffic between the two. The most secure version of TLS with NATS is to use verified client certificates. In this mode, the client can check that it trusts the certificate sent by `gnatsd` but the server will also check that it trusts the certificate sent by the client. From an applications perspective connecting to a server that does not verify client certificates may appear identical. Under the covers, disabling TLS verification removes the server side check on the clients certificate. When started in TLS mode, `gnatsd` will require all clients to connect with TLS. Moreover, if configured to connect with TLS, client libraries will fail to connect to a server without TLS.
While authentication limits which clients can connect, TLS can be used to check the servers identity and the clients identity and will encrypt the traffic between the two. The most secure version of TLS with NATS is to use verified client certificates. In this mode, the client can check that it trusts the certificate sent by `nats-server` but the server will also check that it trusts the certificate sent by the client. From an applications perspective connecting to a server that does not verify client certificates may appear identical. Under the covers, disabling TLS verification removes the server side check on the clients certificate. When started in TLS mode, `nats-server` will require all clients to connect with TLS. Moreover, if configured to connect with TLS, client libraries will fail to connect to a server without TLS.
The [Java examples repository](https://github.com/nats-io/java-nats-examples/tree/master/src/main/resources) contains certificates for starting the server in TLS mode.
```sh
> gnatsd -c /src/main/resources/tls.conf
> nats-server -c /src/main/resources/tls.conf
or
> gnatsd -c /src/main/resources/tls_verify.conf
> nats-server -c /src/main/resources/tls_verify.conf
```
## Connecting with TLS

6
developer/security/userpass.md
View File

@@ -3,10 +3,10 @@
For this example, start the server using:
```sh
> gnatsd --user myname --pass password
> nats-server --user myname --pass password
```
You can encrypt passwords to pass to `gnatsd` using a simple tool provided by the server:
You can encrypt passwords to pass to `nats-server` using a simple tool provided by the server:
```sh
> go run mkpasswd.go -p
@@ -20,7 +20,7 @@ The code uses localhost:4222 so that you can start the server on your machine to
## Connecting with a User/Password
When logging in with a password `gnatsd` will take either a plain text password or an encrypted password.
When logging in with a password `nats-server` will take either a plain text password or an encrypted password.
!INCLUDE "../../_examples/connect_userpass.html"