Configuring the TLS Encryption

---

1. Get a certificate as Java keystore, see requirements.

   Literature

   For details on how to create a keystore and convert credentials, see Convert Certificates.

2. Copy the Java keystore into the tls configuration directory:

   C:\ProgramData\SEAL Systems\config\tls
   

3. In an editor, open the Keycloak configuration file:

   C:\ProgramData\SEAL Systems\config\keycloak.conf
   

4. Activate the following lines by decommenting them and enter the name of the Java keystore file and the associated password:

   # JKS encoded X.509 certificate
   https-key-store-file=C:\\ProgramData\\SEAL Systems\\config\\tls\\<keystore_filename>
   https-key-store-password=<keystore_password>
   

5. Deactivate the following lines by commenting them:

   # PEM encoded X.509 certificate
   #https-certificate-key-file=C:\\ProgramData\\SEAL Systems\\config\\tls\\key.pem
   #https-certificate-file=C:\\ProgramData\\SEAL Systems\\config\\tls\\cert.pem
   

6. Save the file and exit.

7. Restart the seal-keycloak service:

   restart-service seal-keycloak
   

---