I'm following https://getakka.net/articles/remoting/security.html documentation to implement TLS Secured communication using an Akka.Net cluster. I have generated a self-signed certificate using IIS and imported the certoficate TheCertifcate.pfx to Local Computer/Trusted Root Certification Authorities. The certificate is listed there now.
I need to know how to use the certificate path
remote {
dot-netty.tcp {
hostname = "localhost"
port = XXXX
enable-ssl = true
log-transport = true
ssl {
suppress-validation = true
certificate {
# valid ssl certificate must be installed on both hosts
path = "C:\\Workspace\\CertficateUtils\\TheCertificate.pfx"
password = "thepassword"
}
}
}
}
What am I supposed to use in path
?
Short answer The path will be just like above.
Long answer The path is the physical folder path where you save the self-signed certificate. In my case "C:\\Workspace\\CertficateUtils\\TheCertificate.pfx"
. You need to import this certificate to Local Computer/ Trusted Root Certification Authorities though.
But the above configuration is NOT ENOUGH to make an Akka.NET Actor System communicate with SSL encryption. We need to specify the transport protocol as ssl where we specify actor node addresses. That is in the hocon configurations or in code where we use any node adress like
"akka.tcp://lighthouse@127.0.0.1:port", "akka.tcp://RemoteSystem@127.0.0.1:port"
need to be updated to
"akka.ssl.tcp://lighthouse@127.0.0.1:port", "akka.ssl.tcp://RemoteSystem@127.0.0.1:port"
where akka.ssl.tcp
is the transport protocol.