Skip to content

Overview


All communication within SEAL Operator/SEAL Print Client is TLS encrypted. In the standard installation, self-signed certificates are used for this.

Caution - security gap

Using the pre-installed self-signed certificates in a productive system is a serious security gap!

Execute the following steps in order to avoid the annoying certificate warnings in the browser and to secure the different components of SEAL Operator/SEAL Print Client.


Requirement

Get a TLS certificate in the PEM format with a key.pem and a cert.pem file.

This certificate has to contain the following entries:

  • localhost (for local connections on a server)

  • Server name of SEAL Operator

Hint - certificate authority

All TLS certificates have to be signed by the same certificate authority (CA).

Hint - other formats

For how to convert other certificate formats, refer to Convert Certificates.


Avoid the Certificate Warnings in the Browser

In order to avoid the annoying certificate warnings in the browser, execute the following steps:


Secure the Remaining Components

In order to secure all components of SEAL Operator, additionally execute the following steps:

Hint - secure MongoDB

For how to secure MongoDB in general, refer to the SEAL-specific MongoDB documentation.


Next Step

Continue with: Secure the SEAL Operator Services


Back to top