1

I'm following https://getakka.net/articles/remoting/security.html documentation to implement TLS Secured communication using an Akka.Net cluster. I have generated a self-signed certificate using IIS and imported the certoficate TheCertifcate.pfx to Local Computer/Trusted Root Certification Authorities. The certificate is listed there now.

I need to know how to use the certificate path

remote {
        dot-netty.tcp {
            hostname = "localhost"
            port = XXXX
            enable-ssl = true
            log-transport = true
            ssl {
              suppress-validation = true
              certificate {
                # valid ssl certificate must be installed on both hosts
                path = "C:\\Workspace\\CertficateUtils\\TheCertificate.pfx"
                password = "thepassword"
              }
            }
        }
    }

What am I supposed to use in path?

Jeffrey Chung
  • 19,319
  • 8
  • 34
  • 54
Jins Peter
  • 2,368
  • 1
  • 18
  • 37

1 Answers1

2

Short answer The path will be just like above.

Long answer The path is the physical folder path where you save the self-signed certificate. In my case "C:\\Workspace\\CertficateUtils\\TheCertificate.pfx". You need to import this certificate to Local Computer/ Trusted Root Certification Authorities though.

But the above configuration is NOT ENOUGH to make an Akka.NET Actor System communicate with SSL encryption. We need to specify the transport protocol as ssl where we specify actor node addresses. That is in the hocon configurations or in code where we use any node adress like

"akka.tcp://lighthouse@127.0.0.1:port", "akka.tcp://RemoteSystem@127.0.0.1:port" need to be updated to "akka.ssl.tcp://lighthouse@127.0.0.1:port", "akka.ssl.tcp://RemoteSystem@127.0.0.1:port"

where akka.ssl.tcp is the transport protocol.

Jins Peter
  • 2,368
  • 1
  • 18
  • 37