taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity
nats.docs/docs/nats_server/cluster_tls.html
Stephen Asbury 7164aa2dc8 Pointed logo to nats.io site to use absolute path
2019-05-30 16:28:02 -07:00

2814 lines
70 KiB
HTML
Raw Blame History

<!DOCTYPE HTML>
<html lang="" >
<head>
<meta charset="UTF-8">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>TLS Authentication ยท NATS</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="description" content="">
<meta name="generator" content="GitBook 3.2.3">
<meta name="author" content="The NATS Maintainers">
<link rel="stylesheet" href="../gitbook/style.css">
<link rel="stylesheet" href="../gitbook/gitbook-plugin-prism/prism.css">
<link rel="stylesheet" href="../gitbook/gitbook-plugin-toggle-chapters/toggle.css">
<link rel="stylesheet" href="../gitbook/gitbook-plugin-anchors/plugin.css">
<link rel="stylesheet" href="../gitbook/gitbook-plugin-search/search.css">
<link rel="stylesheet" href="../gitbook/gitbook-plugin-fontsettings/website.css">
<meta name="HandheldFriendly" content="true"/>
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
<link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
<link rel="next" href="../gateways/" />
<link rel="prev" href="cluster_config.html" />
<link rel="stylesheet" href="https://cdn.materialdesignicons.com/3.6.95/css/materialdesignicons.min.css">
</head>
<body>
<div class="book">
<div class="book-summary">
<div id="book-search-input" role="search">
<input type="text" placeholder="Type to search" />
</div>
<nav role="navigation">
<ul class="summary">
<li class="chapter " data-level="1.1" data-path="../">
<a href="../">
Introduction
</a>
</li>
<li class="chapter " data-level="1.2" data-path="../whats_new/whats_new_20.html">
<a href="../whats_new/whats_new_20.html">
What's New in 2.0
</a>
</li>
<li class="header">Concepts</li>
<li class="chapter " data-level="2.1" data-path="../developer/concepts/intro.html">
<a href="../developer/concepts/intro.html">
What is NATS
</a>
</li>
<li class="chapter " data-level="2.2" data-path="../developer/concepts/subjects.html">
<a href="../developer/concepts/subjects.html">
Subject-Based Messaging
</a>
</li>
<li class="chapter " data-level="2.3" data-path="../developer/concepts/pubsub.html">
<a href="../developer/concepts/pubsub.html">
Publish-Subscribe
</a>
</li>
<li class="chapter " data-level="2.4" data-path="../developer/concepts/reqreply.html">
<a href="../developer/concepts/reqreply.html">
Request-Reply
</a>
</li>
<li class="chapter " data-level="2.5" data-path="../developer/concepts/queue.html">
<a href="../developer/concepts/queue.html">
Queue Groups
</a>
</li>
<li class="chapter " data-level="2.6" data-path="../developer/concepts/acks.html">
<a href="../developer/concepts/acks.html">
Acknowledgements
</a>
</li>
<li class="chapter " data-level="2.7" data-path="../developer/concepts/seq_num.html">
<a href="../developer/concepts/seq_num.html">
Sequence Numbers
</a>
</li>
<li class="header">Developing With NATS</li>
<li class="chapter " data-level="3.1" data-path="../developer/">
<a href="../developer/">
Introduction
</a>
</li>
<li class="chapter " data-level="3.2" data-path="../developer/connecting/intro.html">
<a href="../developer/connecting/intro.html">
Connecting
</a>
<ul class="articles">
<li class="chapter " data-level="3.2.1" data-path="../developer/connecting/default_server.html">
<a href="../developer/connecting/default_server.html">
Connecting to the Default Server
</a>
</li>
<li class="chapter " data-level="3.2.2" data-path="../developer/connecting/specific_server.html">
<a href="../developer/connecting/specific_server.html">
Connecting to a Specific Server
</a>
</li>
<li class="chapter " data-level="3.2.3" data-path="../developer/connecting/cluster.html">
<a href="../developer/connecting/cluster.html">
Connecting to a Cluster
</a>
</li>
<li class="chapter " data-level="3.2.4" data-path="../developer/connecting/connect_timeout.html">
<a href="../developer/connecting/connect_timeout.html">
Setting a Connect Timeout
</a>
</li>
<li class="chapter " data-level="3.2.5" data-path="../developer/connecting/pingpong.html">
<a href="../developer/connecting/pingpong.html">
Ping/Pong Protocol
</a>
</li>
<li class="chapter " data-level="3.2.6" data-path="../developer/connecting/protocol.html">
<a href="../developer/connecting/protocol.html">
Controlling the Client/Server Protocol
</a>
</li>
<li class="chapter " data-level="3.2.7" data-path="../developer/connecting/noecho.html">
<a href="../developer/connecting/noecho.html">
Turning Off Echo'd Messages
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.3" data-path="../developer/reconnect/intro.html">
<a href="../developer/reconnect/intro.html">
Automatic Reconnections
</a>
<ul class="articles">
<li class="chapter " data-level="3.3.1" data-path="../developer/reconnect/disable.html">
<a href="../developer/reconnect/disable.html">
Disabling Reconnect
</a>
</li>
<li class="chapter " data-level="3.3.2" data-path="../developer/reconnect/max.html">
<a href="../developer/reconnect/max.html">
Set the Number of Reconnect Attempts
</a>
</li>
<li class="chapter " data-level="3.3.3" data-path="../developer/reconnect/wait.html">
<a href="../developer/reconnect/wait.html">
Pausing Between Reconnect Attempts
</a>
</li>
<li class="chapter " data-level="3.3.4" data-path="../developer/reconnect/random.html">
<a href="../developer/reconnect/random.html">
Avoiding the Thundering Herd
</a>
</li>
<li class="chapter " data-level="3.3.5" data-path="../developer/reconnect/events.html">
<a href="../developer/reconnect/events.html">
Listening for Reconnect Events
</a>
</li>
<li class="chapter " data-level="3.3.6" data-path="../developer/reconnect/buffer.html">
<a href="../developer/reconnect/buffer.html">
Buffering Messages During Reconnect Attempts
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.4" data-path="../developer/security/intro.html">
<a href="../developer/security/intro.html">
Securing Connections
</a>
<ul class="articles">
<li class="chapter " data-level="3.4.1" data-path="../developer/security/userpass.html">
<a href="../developer/security/userpass.html">
Authenticating with a User and Password
</a>
</li>
<li class="chapter " data-level="3.4.2" data-path="../developer/security/token.html">
<a href="../developer/security/token.html">
Authenticating with a Token
</a>
</li>
<li class="chapter " data-level="3.4.3" data-path="../developer/security/nkey.html">
<a href="../developer/security/nkey.html">
Authenticating with an NKey
</a>
</li>
<li class="chapter " data-level="3.4.4" data-path="../developer/security/creds.html">
<a href="../developer/security/creds.html">
Authenticating with a Credentials File
</a>
</li>
<li class="chapter " data-level="3.4.5" data-path="../developer/security/tls.html">
<a href="../developer/security/tls.html">
Encrypting Connections with TLS
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.5" data-path="../developer/receiving/intro.html">
<a href="../developer/receiving/intro.html">
Receiving Messages
</a>
<ul class="articles">
<li class="chapter " data-level="3.5.1" data-path="../developer/receiving/sync.html">
<a href="../developer/receiving/sync.html">
Synchronous Subscriptions
</a>
</li>
<li class="chapter " data-level="3.5.2" data-path="../developer/receiving/async.html">
<a href="../developer/receiving/async.html">
Asynchronous Subscriptions
</a>
</li>
<li class="chapter " data-level="3.5.3" data-path="../developer/receiving/unsubscribing.html">
<a href="../developer/receiving/unsubscribing.html">
Unsubscribing
</a>
</li>
<li class="chapter " data-level="3.5.4" data-path="../developer/receiving/unsub_after.html">
<a href="../developer/receiving/unsub_after.html">
Unsubscribing After N Messages
</a>
</li>
<li class="chapter " data-level="3.5.5" data-path="../developer/receiving/reply.html">
<a href="../developer/receiving/reply.html">
Replying to a Message
</a>
</li>
<li class="chapter " data-level="3.5.6" data-path="../developer/receiving/wildcards.html">
<a href="../developer/receiving/wildcards.html">
Wildcard Subscriptions
</a>
</li>
<li class="chapter " data-level="3.5.7" data-path="../developer/receiving/queues.html">
<a href="../developer/receiving/queues.html">
Queue Subscriptions
</a>
</li>
<li class="chapter " data-level="3.5.8" data-path="../developer/receiving/drain.html">
<a href="../developer/receiving/drain.html">
Draining Messages Before Disconnect
</a>
</li>
<li class="chapter " data-level="3.5.9" data-path="../developer/receiving/structure.html">
<a href="../developer/receiving/structure.html">
Structured Data
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.6" data-path="../developer/sending/intro.html">
<a href="../developer/sending/intro.html">
Sending Messages
</a>
<ul class="articles">
<li class="chapter " data-level="3.6.1" data-path="../developer/sending/replyto.html">
<a href="../developer/sending/replyto.html">
Including a Reply Subject
</a>
</li>
<li class="chapter " data-level="3.6.2" data-path="../developer/sending/request_reply.html">
<a href="../developer/sending/request_reply.html">
Request-Reply Semantics
</a>
</li>
<li class="chapter " data-level="3.6.3" data-path="../developer/sending/caches.html">
<a href="../developer/sending/caches.html">
Caches, Flush and Ping
</a>
</li>
<li class="chapter " data-level="3.6.4" data-path="../developer/sending/structure.html">
<a href="../developer/sending/structure.html">
Sending Structured Data
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.7" data-path="../developer/events/intro.html">
<a href="../developer/events/intro.html">
Monitoring the Connection
</a>
<ul class="articles">
<li class="chapter " data-level="3.7.1" data-path="../developer/events/events.html">
<a href="../developer/events/events.html">
Listen for Connection Events
</a>
</li>
<li class="chapter " data-level="3.7.2" data-path="../developer/events/slow.html">
<a href="../developer/events/slow.html">
Slow Consumers
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="3.8" data-path="../developer/tutorials/intro.html">
<a href="../developer/tutorials/intro.html">
Tutorials
</a>
<ul class="articles">
<li class="chapter " data-level="3.8.1" data-path="../developer/tutorials/pubsub.html">
<a href="../developer/tutorials/pubsub.html">
Explore NATS Pub/Sub
</a>
</li>
<li class="chapter " data-level="3.8.2" data-path="../developer/tutorials/reqreply.html">
<a href="../developer/tutorials/reqreply.html">
Explore NATS Request/Reply
</a>
</li>
<li class="chapter " data-level="3.8.3" data-path="../developer/tutorials/queues.html">
<a href="../developer/tutorials/queues.html">
Explore NATS Queueing
</a>
</li>
<li class="chapter " data-level="3.8.4" data-path="../developer/tutorials/custom_dialer.html">
<a href="../developer/tutorials/custom_dialer.html">
Advanced Connect and Custom Dialer in Go
</a>
</li>
</ul>
</li>
<li class="header">NATS Server</li>
<li class="chapter " data-level="4.1" data-path="installation.html">
<a href="installation.html">
Installing
</a>
</li>
<li class="chapter " data-level="4.2" data-path="running.html">
<a href="running.html">
Running
</a>
<ul class="articles">
<li class="chapter " data-level="4.2.1" data-path="windows_srv.html">
<a href="windows_srv.html">
Window Service
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.3" data-path="clients.html">
<a href="clients.html">
Clients
</a>
</li>
<li class="chapter " data-level="4.4" data-path="flags.html">
<a href="flags.html">
Flags
</a>
</li>
<li class="chapter " data-level="4.5" data-path="configuration.html">
<a href="configuration.html">
Configuration
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.1" data-path="securing_nats.html">
<a href="securing_nats.html">
Securing NATS
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.1.1" data-path="tls.html">
<a href="tls.html">
Enabling TLS
</a>
</li>
<li class="chapter " data-level="4.5.1.2" data-path="auth_intro.html">
<a href="auth_intro.html">
Authentication
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.1.2.1" data-path="tokens.html">
<a href="tokens.html">
Tokens
</a>
</li>
<li class="chapter " data-level="4.5.1.2.2" data-path="username_password.html">
<a href="username_password.html">
Username/Password
</a>
</li>
<li class="chapter " data-level="4.5.1.2.3" data-path="tls_mutual_auth.html">
<a href="tls_mutual_auth.html">
TLS Authentication
</a>
</li>
<li class="chapter " data-level="4.5.1.2.4" data-path="nkey_auth.html">
<a href="nkey_auth.html">
NKeys
</a>
</li>
<li class="chapter " data-level="4.5.1.2.5" data-path="accounts.html">
<a href="accounts.html">
Accounts
</a>
</li>
<li class="chapter " data-level="4.5.1.2.6" data-path="jwt_auth.html">
<a href="jwt_auth.html">
JWTs
</a>
</li>
<li class="chapter " data-level="4.5.1.2.7" data-path="auth_timeout.html">
<a href="auth_timeout.html">
Authentication Timeout
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.5.1.3" data-path="authorization.html">
<a href="authorization.html">
Authorization
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.5.2" data-path="clustering.html">
<a href="clustering.html">
Clustering
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.2.1" data-path="cluster_config.html">
<a href="cluster_config.html">
Configuration
</a>
</li>
<li class="chapter active" data-level="4.5.2.2" data-path="cluster_tls.html">
<a href="cluster_tls.html">
TLS Authentication
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.5.3" data-path="../gateways/">
<a href="../gateways/">
Gateways
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.3.1" data-path="../gateways/gateway.html">
<a href="../gateways/gateway.html">
Configuration
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.5.4" data-path="../leafnodes/">
<a href="../leafnodes/">
Leaf Nodes
</a>
<ul class="articles">
<li class="chapter " data-level="4.5.4.1" data-path="../leafnodes/leafnode_conf.html">
<a href="../leafnodes/leafnode_conf.html">
Configuration
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.5.5" data-path="logging.html">
<a href="logging.html">
Logging
</a>
</li>
<li class="chapter " data-level="4.5.6" data-path="monitoring.html">
<a href="monitoring.html">
Monitoring
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="4.6" data-path="../nats_admin/">
<a href="../nats_admin/">
Managing A NATS Server
</a>
<ul class="articles">
<li class="chapter " data-level="4.6.1" data-path="../nats_admin/upgrading_cluster.html">
<a href="../nats_admin/upgrading_cluster.html">
Upgrading a Cluster
</a>
</li>
<li class="chapter " data-level="4.6.2" data-path="../nats_admin/slow_consumers.html">
<a href="../nats_admin/slow_consumers.html">
Slow Consumers
</a>
</li>
<li class="chapter " data-level="4.6.3" data-path="../nats_admin/signals.html">
<a href="../nats_admin/signals.html">
Signals
</a>
</li>
<li class="chapter " data-level="4.6.4" data-path="../sys_accounts/">
<a href="../sys_accounts/">
System Accounts
</a>
<ul class="articles">
<li class="chapter " data-level="4.6.4.1" data-path="../sys_accounts/sys_accounts.html">
<a href="../sys_accounts/sys_accounts.html">
Configuration
</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="chapter " data-level="4.7" data-path="../nats_docker/">
<a href="../nats_docker/">
NATS and Docker
</a>
<ul class="articles">
<li class="chapter " data-level="4.7.1" data-path="../nats_docker/tutorial.html">
<a href="../nats_docker/tutorial.html">
Tutorial
</a>
</li>
<li class="chapter " data-level="4.7.2" data-path="../nats_docker/docker_swarm.html">
<a href="../nats_docker/docker_swarm.html">
Docker Swarm
</a>
</li>
</ul>
</li>
<li class="header">NATS Tools</li>
<li class="chapter " data-level="5.1" data-path="../nats_tools/mkpasswd.html">
<a href="../nats_tools/mkpasswd.html">
mkpasswd
</a>
</li>
<li class="chapter " data-level="5.2" data-path="../nats_tools/nk.html">
<a href="../nats_tools/nk.html">
nk
</a>
</li>
<li class="chapter " data-level="5.3" data-path="../nats_tools/nsc/">
<a href="../nats_tools/nsc/">
nsc
</a>
<ul class="articles">
<li class="chapter " data-level="5.3.1" data-path="../nats_tools/nsc/nsc.html">
<a href="../nats_tools/nsc/nsc.html">
Basics
</a>
</li>
<li class="chapter " data-level="5.3.2" data-path="../nats_tools/nsc/streams.html">
<a href="../nats_tools/nsc/streams.html">
Streams
</a>
</li>
<li class="chapter " data-level="5.3.3" data-path="../nats_tools/nsc/services.html">
<a href="../nats_tools/nsc/services.html">
Services
</a>
</li>
<li class="chapter " data-level="5.3.4" data-path="../nats_tools/nsc/signing_keys.html">
<a href="../nats_tools/nsc/signing_keys.html">
Signing Keys
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="5.4" data-path="../nats_tools/nas/">
<a href="../nats_tools/nas/">
nats-account-server
</a>
<ul class="articles">
<li class="chapter " data-level="5.4.1" data-path="../nats_tools/nas/nas_conf.html">
<a href="../nats_tools/nas/nas_conf.html">
Basics
</a>
</li>
<li class="chapter " data-level="5.4.2" data-path="../nats_tools/nas/inspecting_jwts.html">
<a href="../nats_tools/nas/inspecting_jwts.html">
Inspecting JWTs
</a>
</li>
<li class="chapter " data-level="5.4.3" data-path="../nats_tools/nas/mem_resolver.html">
<a href="../nats_tools/nas/mem_resolver.html">
Memory Resolver
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="5.5" data-path="../nats_tools/nats_top/">
<a href="../nats_tools/nats_top/">
nats-top
</a>
<ul class="articles">
<li class="chapter " data-level="5.5.1" data-path="../nats_tools/nats_top/tutorial.html">
<a href="../nats_tools/nats_top/tutorial.html">
Tutorial
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="5.6" data-path="../nats_tools/natsbench.html">
<a href="../nats_tools/natsbench.html">
nats-bench
</a>
</li>
<li class="header">NATS Streaming Concepts</li>
<li class="chapter " data-level="6.1" data-path="../nats_streaming/intro.html">
<a href="../nats_streaming/intro.html">
Introduction
</a>
<ul class="articles">
<li class="chapter " data-level="6.1.1" data-path="../nats_streaming/relation-to-nats.html">
<a href="../nats_streaming/relation-to-nats.html">
Relation to NATS
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="6.2" data-path="../nats_streaming/client-connections.html">
<a href="../nats_streaming/client-connections.html">
Client Connections
</a>
</li>
<li class="chapter " data-level="6.3" data-path="../nats_streaming/channels/channels.html">
<a href="../nats_streaming/channels/channels.html">
Channels
</a>
<ul class="articles">
<li class="chapter " data-level="6.3.1" data-path="../nats_streaming/channels/message-log.html">
<a href="../nats_streaming/channels/message-log.html">
Message Log
</a>
</li>
<li class="chapter " data-level="6.3.2" data-path="../nats_streaming/channels/subscriptions/subscriptions.html">
<a href="../nats_streaming/channels/subscriptions/subscriptions.html">
Subscriptions
</a>
<ul class="articles">
<li class="chapter " data-level="6.3.2.1" data-path="../nats_streaming/channels/subscriptions/regular.html">
<a href="../nats_streaming/channels/subscriptions/regular.html">
Regular
</a>
</li>
<li class="chapter " data-level="6.3.2.2" data-path="../nats_streaming/channels/subscriptions/durable.html">
<a href="../nats_streaming/channels/subscriptions/durable.html">
Durable
</a>
</li>
<li class="chapter " data-level="6.3.2.3" data-path="../nats_streaming/channels/subscriptions/queue-group.html">
<a href="../nats_streaming/channels/subscriptions/queue-group.html">
Queue Group
</a>
</li>
<li class="chapter " data-level="6.3.2.4" data-path="../nats_streaming/channels/subscriptions/redelivery.html">
<a href="../nats_streaming/channels/subscriptions/redelivery.html">
Redelivery
</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="chapter " data-level="6.4" data-path="../nats_streaming/store-interface.html">
<a href="../nats_streaming/store-interface.html">
Store Interface
</a>
</li>
<li class="chapter " data-level="6.5" data-path="../nats_streaming/store-encryption.html">
<a href="../nats_streaming/store-encryption.html">
Store Encryption
</a>
</li>
<li class="chapter " data-level="6.6" data-path="../nats_streaming/clustering/clustering.html">
<a href="../nats_streaming/clustering/clustering.html">
Clustering
</a>
<ul class="articles">
<li class="chapter " data-level="6.6.1" data-path="../nats_streaming/clustering/supported-stores.html">
<a href="../nats_streaming/clustering/supported-stores.html">
Supported Stores
</a>
</li>
<li class="chapter " data-level="6.6.2" data-path="../nats_streaming/clustering/configuration.html">
<a href="../nats_streaming/clustering/configuration.html">
Configuration
</a>
</li>
<li class="chapter " data-level="6.6.3" data-path="../nats_streaming/clustering/auto-configuration.html">
<a href="../nats_streaming/clustering/auto-configuration.html">
Auto Configuration
</a>
</li>
<li class="chapter " data-level="6.6.4" data-path="../nats_streaming/clustering/containers.html">
<a href="../nats_streaming/clustering/containers.html">
Containers
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="6.7" data-path="../nats_streaming/fault-tolerance/ft.html">
<a href="../nats_streaming/fault-tolerance/ft.html">
Fault Tolerance
</a>
<ul class="articles">
<li class="chapter " data-level="6.7.1" data-path="../nats_streaming/fault-tolerance/active-server.html">
<a href="../nats_streaming/fault-tolerance/active-server.html">
Active Server
</a>
</li>
<li class="chapter " data-level="6.7.2" data-path="../nats_streaming/fault-tolerance/standby-server.html">
<a href="../nats_streaming/fault-tolerance/standby-server.html">
Standby Servers
</a>
</li>
<li class="chapter " data-level="6.7.3" data-path="../nats_streaming/fault-tolerance/shared-state.html">
<a href="../nats_streaming/fault-tolerance/shared-state.html">
Shared State
</a>
</li>
<li class="chapter " data-level="6.7.4" data-path="../nats_streaming/fault-tolerance/failover.html">
<a href="../nats_streaming/fault-tolerance/failover.html">
Failover
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="6.8" data-path="../nats_streaming/partitioning.html">
<a href="../nats_streaming/partitioning.html">
Partitioning
</a>
</li>
<li class="header">Developing With NATS Streaming</li>
<li class="chapter " data-level="7.1" data-path="../developer/streaming/">
<a href="../developer/streaming/">
Introduction
</a>
</li>
<li class="chapter " data-level="7.2" data-path="../developer/streaming/connecting.html">
<a href="../developer/streaming/connecting.html">
Connecting to NATS Streaming
</a>
</li>
<li class="chapter " data-level="7.3" data-path="../developer/streaming/publishing.html">
<a href="../developer/streaming/publishing.html">
Publishing to a Channel
</a>
</li>
<li class="chapter " data-level="7.4" data-path="../developer/streaming/receiving.html">
<a href="../developer/streaming/receiving.html">
Receiving Messages from a Channel
</a>
</li>
<li class="chapter " data-level="7.5" data-path="../developer/streaming/durables.html">
<a href="../developer/streaming/durables.html">
Durable Subscriptions
</a>
</li>
<li class="chapter " data-level="7.6" data-path="../developer/streaming/queues.html">
<a href="../developer/streaming/queues.html">
Queue Subscriptions
</a>
</li>
<li class="chapter " data-level="7.7" data-path="../developer/streaming/acks.html">
<a href="../developer/streaming/acks.html">
Acknowledgements
</a>
</li>
<li class="chapter " data-level="7.8" data-path="../developer/streaming/protocol.html">
<a href="../developer/streaming/protocol.html">
The Streaming Protocol
</a>
</li>
<li class="header">NATS Streaming Server</li>
<li class="chapter " data-level="8.1" data-path="../nats_streaming/gettingstarted/install.html">
<a href="../nats_streaming/gettingstarted/install.html">
Installing
</a>
</li>
<li class="chapter " data-level="8.2" data-path="../nats_streaming/gettingstarted/run.html">
<a href="../nats_streaming/gettingstarted/run.html">
Running
</a>
</li>
<li class="chapter " data-level="8.3" data-path="../nats_streaming/gettingstarted/configuring.html">
<a href="../nats_streaming/gettingstarted/configuring.html">
Configuring
</a>
</li>
<li class="chapter " data-level="8.4" data-path="../nats_streaming/gettingstarted/tls.html">
<a href="../nats_streaming/gettingstarted/tls.html">
Securing
</a>
</li>
<li class="chapter " data-level="8.5" data-path="../nats_streaming/gettingstarted/process-signaling.html">
<a href="../nats_streaming/gettingstarted/process-signaling.html">
Process Signaling
</a>
</li>
<li class="chapter " data-level="8.6" data-path="../nats_streaming/gettingstarted/windows-service.html">
<a href="../nats_streaming/gettingstarted/windows-service.html">
Windows Service
</a>
</li>
<li class="chapter " data-level="8.7" data-path="../developer/streaming/embedding.html">
<a href="../developer/streaming/embedding.html">
Embedding NATS Streaming Server
</a>
</li>
<li class="chapter " data-level="8.8" data-path="../nats_streaming/swarm.html">
<a href="../nats_streaming/swarm.html">
Docker Swarm
</a>
</li>
<li class="chapter " data-level="8.9" data-path="../nats_streaming/monitoring/monitoring.html">
<a href="../nats_streaming/monitoring/monitoring.html">
Monitoring
</a>
<ul class="articles">
<li class="chapter " data-level="8.9.1" data-path="../nats_streaming/monitoring/enabling.html">
<a href="../nats_streaming/monitoring/enabling.html">
Enabling
</a>
</li>
<li class="chapter " data-level="8.9.2" data-path="../nats_streaming/monitoring/endpoints.html">
<a href="../nats_streaming/monitoring/endpoints.html">
Endpoints
</a>
</li>
</ul>
</li>
<li class="header">NATS Protocol</li>
<li class="chapter " data-level="9.1" data-path="../nats_protocol/nats-protocol-demo.html">
<a href="../nats_protocol/nats-protocol-demo.html">
Protocol Demo
</a>
</li>
<li class="chapter " data-level="9.2" data-path="../nats_protocol/nats-protocol.html">
<a href="../nats_protocol/nats-protocol.html">
Client Protocol
</a>
<ul class="articles">
<li class="chapter " data-level="9.2.1" data-path="../nats_protocol/nats-client-dev.html">
<a href="../nats_protocol/nats-client-dev.html">
Developing a Client
</a>
</li>
</ul>
</li>
<li class="chapter " data-level="9.3" data-path="../nats_protocol/nats-server-protocol.html">
<a href="../nats_protocol/nats-server-protocol.html">
NATS Cluster Protocol
</a>
</li>
<li class="divider"></li>
<li>
<a href="https://www.gitbook.com" target="blank" class="gitbook-link">
Published with GitBook
</a>
</li>
</ul>
</nav>
</div>
<div class="book-body">
<div class="body-inner">
<div class="book-header" role="navigation">
<!-- Title -->
<h1>
<i class="fa fa-circle-o-notch fa-spin"></i>
<a href=".." >TLS Authentication</a>
</h1>
</div>
<div class="page-wrapper" tabindex="-1" role="main">
<div class="page-inner">
<div id="book-search-results">
<div class="search-noresults">
<section class="normal markdown-section">
<h2 id="cluster-tls-mutual-authentication"><a name="cluster-tls-mutual-authentication" class="plugin-anchor" href="#cluster-tls-mutual-authentication"><i class="fa fa-link" aria-hidden="true"></i></a>Cluster TLS Mutual Authentication</h2>
<p>When setting up clusters all servers in the cluster, if using TLS, will both verify the connecting endpoints and the server responses. So certificates are checked in both directions. Certificates can be configured only for the server&apos;s cluster identity, keeping client and server certificates separate from cluster formation.</p>
<p>TLS Mutual Authentication <em>is the recommended way</em> of securing routes.</p>
<pre class="language-"><code>cluster {
listen: 127.0.0.1:4244
tls {
# Route cert
cert_file: &quot;./configs/certs/srva-cert.pem&quot;
# Private key
key_file: &quot;./configs/certs/srva-key.pem&quot;
# Optional certificate authority verifying connected routes
# Required when we have self-signed CA, etc.
ca_file: &quot;./configs/certs/ca.pem&quot;
}
# Routes are actively solicited and connected to from this server.
# Other servers can connect to us if they supply the correct credentials
# in their routes definitions from above.
routes = [
nats-route://127.0.0.1:4246
]
}
</code></pre>
</section>
</div>
<div class="search-results">
<div class="has-results">
<h1 class="search-results-title"><span class='search-results-count'></span> results matching "<span class='search-query'></span>"</h1>
<ul class="search-results-list"></ul>
</div>
<div class="no-results">
<h1 class="search-results-title">No results matching "<span class='search-query'></span>"</h1>
</div>
</div>
</div>
</div>
</div>
</div>
<a href="cluster_config.html" class="navigation navigation-prev " aria-label="Previous page: Configuration">
<i class="fa fa-angle-left"></i>
</a>
<a href="../gateways/" class="navigation navigation-next " aria-label="Next page: Gateways">
<i class="fa fa-angle-right"></i>
</a>
</div>
<script>
var gitbook = gitbook || [];
gitbook.push(function() {
gitbook.page.hasChanged({"page":{"title":"TLS Authentication","level":"4.5.2.2","depth":3,"next":{"title":"Gateways","level":"4.5.3","depth":2,"path":"gateways/README.md","ref":"gateways/README.md","articles":[{"title":"Configuration","level":"4.5.3.1","depth":3,"path":"gateways/gateway.md","ref":"gateways/gateway.md","articles":[]}]},"previous":{"title":"Configuration","level":"4.5.2.1","depth":3,"path":"nats_server/cluster_config.md","ref":"nats_server/cluster_config.md","articles":[]},"dir":"ltr"},"config":{"plugins":["prism","-sharing","-highlight","include-html","toggle-chapters","anchors"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"prism":{"lang":{"ascii":"markup","text":"markup"}},"include-html":{},"toggle-chapters":{},"anchors":{},"search":{},"lunr":{"maxIndexSize":1000000,"ignoreSpecialCharacters":false},"fontsettings":{"theme":"white","family":"sans","size":2},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false}},"theme":"default","author":"The NATS Maintainers","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"NATS","gitbook":"*","description":"Administrative, developer and conceptual documentation for the NATS messaging system."},"file":{"path":"nats_server/cluster_tls.md","mtime":"2019-05-30T21:51:29.873Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2019-05-30T23:27:21.986Z"},"basePath":"..","book":{"language":""}});
});
</script>
</div>
<!-- Viz Support -->
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/viz.js/2.1.2/viz.js"> </script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/viz.js/2.1.2/lite.render.js"> </script>
<!-- Site code -->
<script>
function flash(elem, text, speed) {
if (!elem) {
return;
}
var s = elem.style;
elem.textContent = text;
s.display = 'block';
s.opacity = 1;
(function fade() {
(s.opacity -= .1) < .1 ? s.display = "none" : setTimeout(fade, speed)
})();
}
function copyToClipboard(text, el) {
var copyTest = document.queryCommandSupported('copy');
var elOriginalText = el.getAttribute('data-original-title');
if (copyTest === true) {
var copyTextArea = document.createElement("textarea");
copyTextArea.value = text;
document.body.appendChild(copyTextArea);
copyTextArea.select();
try {
var successful = document.execCommand('copy');
var msg = successful ? 'Copied!' : 'Whoops, not copied!';
var parent = el.parentNode.parentNode;
var msgElem = parent.querySelector(".copy-msg");
flash(msgElem, msg, 100);
} catch (err) {
console.log('Oops, unable to copy', err);
}
document.body.removeChild(copyTextArea);
el.setAttribute('data-original-title', elOriginalText);
} else {
// Fallback if browser doesn't support .execCommand('copy')
window.prompt("Copy to clipboard: Ctrl+C or Command+C, Enter", text);
}
}
function processGraphVizSections(elements) {
var elements = document.querySelectorAll("[data-viz]");
var viz = new Viz();
Array.prototype.forEach.call(elements, function (x) {
var engine = x.getAttribute("data-viz");
var image = viz.renderImageElement(x.innerText, {
format: "png",
engine: engine
}).then(function (element) {
x.parentNode.insertBefore(element, x);
});
});
};
function updateLanguageParameter(value) {
const param = "lang";
if (window.location.href.indexOf("?") >= 0) {
const regExp = new RegExp(param + "(.+?)(&|$)", "g");
const newUrl = window.location.href.replace(regExp, param + "=" + encodeURIComponent(value) + "$2");
window.history.pushState("", "", newUrl);
} else {
const newUrl = window.location.href + "?" + param + "=" + encodeURIComponent(value);
window.history.pushState("", "", newUrl);
}
}
function getLanguageParameter() {
var match = RegExp('[?&]lang=([^&]*)').exec(window.location.search);
return match && decodeURIComponent(match[1].replace(/\+/g, ' '));
}
function docReady() {
window.gitbook.events.bind("page.change", function () {
pageChanged();
});
}
function pageChanged() {
var logos = document.querySelectorAll(".nats");
if (logos && logos.length == 0) {
gitbook.toolbar.createButton({
icon: 'nats',
label: 'NATS Home Page',
position: 'right',
onClick: function () {
var win = window.open("https://nats.io/", '_blank');
win.focus();
}
});
}
document.querySelectorAll('.js-copy').forEach(elem => {
elem.addEventListener("click", function () {
var el = this;
var parent = this.parentNode.parentNode;
var code = parent.querySelector('code');
var text = code.textContent || code.innerText;
copyToClipboard(text, el);
})
});
document.querySelectorAll('.api-lang').forEach(elem => {
elem.addEventListener("click", function () {
var curLang = sessionStorage.getItem('nats-api-language');
var lang = this.getAttribute('data-language');
// Stop the infinite loop
if (curLang == lang) {
return;
}
sessionStorage.setItem('nats-api-language', lang); // So we only do this 1x
updateLanguageParameter(lang)
document.querySelectorAll('.api-lang[data-language=' + lang + ']').forEach(elem => {
elem.click();
});
})
});
if (sessionStorage) {
var curLang = sessionStorage.getItem('nats-api-language');
var queryLang = getLanguageParameter();
var lang = curLang;
if (queryLang) { // query takes precedent
lang = queryLang
}
if (lang) {
document.querySelectorAll('.api-lang[data-language=' + lang + ']').forEach(elem => {
elem.click();
});
}
}
setTimeout(function () {
processGraphVizSections();
}, 1);
}
if (document.readyState != 'loading') docReady();
else if (document.addEventListener) document.addEventListener('DOMContentLoaded', docReady);
else document.attachEvent('onreadystatechange', function () {
if (document.readyState == 'complete') docReady();
});
</script>
<!-- Github Buttons -->
<script async defer src="https://buttons.github.io/buttons.js"></script>
<!-- Styles -->
<style>
.nats {
display: inline-block;
width: 16px;
height: 16px;
background: url(https://nats.io/img/nats-icon-color.svg);
background-size: 16px 16px;
}
div.graphviz {
background: transparent;
border: 0;
padding-top: 15px;
padding-right: 15px;
padding-bottom: 25px;
padding-left: 15px;
text-align: center;
}
code[data-viz] {
display: none;
}
.tab-wrap {
transition: 0.3s box-shadow ease;
border-radius: 6px;
max-width: 100%;
display: flex;
flex-wrap: wrap;
position: relative;
list-style: none;
background-color: #fff;
margin: 20px 0;
/* box-shadow: 0 1px 3px rgba(0, 0, 0, 0.12), 0 1px 2px rgba(0, 0, 0, 0.24);*/
}
.tab-wrap:hover {
box-shadow: 0 12px 23px rgba(0, 0, 0, 0.23), 0 10px 10px rgba(0, 0, 0, 0.19);
}
.tab {
display: none;
}
/* Using scss these would be generated, we have to manually create enough for all tabs, start with 8 */
.tab:checked:nth-of-type(1)~.tab__content:nth-of-type(1) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(2)~.tab__content:nth-of-type(2) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(3)~.tab__content:nth-of-type(3) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(4)~.tab__content:nth-of-type(4) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(5)~.tab__content:nth-of-type(5) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(6)~.tab__content:nth-of-type(6) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(7)~.tab__content:nth-of-type(7) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:checked:nth-of-type(8)~.tab__content:nth-of-type(8) {
opacity: 1;
transition: 0.5s opacity ease-in, 0.8s -webkit-transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease;
transition: 0.5s opacity ease-in, 0.8s transform ease, 0.8s -webkit-transform ease;
position: relative;
top: 0;
z-index: 100;
-webkit-transform: translateY(0px);
transform: translateY(0px);
text-shadow: 0 0 0;
}
.tab:first-of-type:not(:last-of-type)+label {
border-top-right-radius: 0;
border-bottom-right-radius: 0;
}
.tab:not(:first-of-type):not(:last-of-type)+label {
border-radius: 0;
}
.tab:last-of-type:not(:first-of-type)+label {
border-top-left-radius: 0;
border-bottom-left-radius: 0;
}
.tab:checked+label {
background-color: #fff;
box-shadow: 0 -1px 0 #fff inset;
cursor: default;
font-weight: bold;
border: 1px solid #ddd;
border-bottom-color: transparent;
}
.tab:checked+label:hover {
box-shadow: 0 -1px 0 #fff inset;
background-color: #fff;
}
.tab+label {
box-shadow: 0 -1px 0 #eee inset;
border-radius: 6px 6px 0 0;
cursor: pointer;
display: block;
text-decoration: none;
color: #27aae1;
flex-grow: 3;
text-align: center;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
text-align: center;
transition: 0.3s background-color ease, 0.3s box-shadow ease;
height: 50px;
box-sizing: border-box;
padding: 15px;
}
.tab+label:hover {
background-color: #f9f9f9;
box-shadow: 0 1px 0 #f4f4f4 inset;
}
.tab__content {
padding: 2px 2px;
background-color: transparent;
position: absolute;
width: 100%;
z-index: -1;
opacity: 0;
left: 0;
-webkit-transform: translateY(-3px);
transform: translateY(-3px);
border-radius: 6px;
}
.tab__content pre {
margin-bottom: 0px !important;
}
.toolbar-icons {
display: inline-block;
position: relative;
padding-left: 4px;
}
a.toolbar-icons {
text-decoration: none;
}
.toolbar-icons .mdi {
color: #4183c4;
}
.copy-msg {
color: #4183c4;
}
.pull-right {
float: right !important;
}
.pull-left {
float: left !important;
}
</style>
<script src="../gitbook/gitbook.js"></script>
<script src="../gitbook/theme.js"></script>
<script src="../gitbook/gitbook-plugin-toggle-chapters/toggle.js"></script>
<script src="../gitbook/gitbook-plugin-search/search-engine.js"></script>
<script src="../gitbook/gitbook-plugin-search/search.js"></script>
<script src="../gitbook/gitbook-plugin-lunr/lunr.min.js"></script>
<script src="../gitbook/gitbook-plugin-lunr/search-lunr.js"></script>
<script src="../gitbook/gitbook-plugin-fontsettings/fontsettings.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink