1. Help Center
  2. Setup and configuration

How do I encrypt communication on a remote federator?

Lets check the indexer and federator.conf file to get this setup

On the indexer, ensure that you have TLS-Ingest-Port=4024, Key-File, and Certificate-File set as per https://docs.gravwell.io/docs/#!configuration/certificates.md

In the Federator config you will comment out e.g.:

 Cleartext-Backend-target=10.1.0.1:4023 

and replace it with:

 Encrypted-Backend-target=10.1.0.1:4024

to point at the new TLS-Ingest-Port. 

If needed, you can also configure the Federator to *listen* on a TLS encrypted socket, so that the ingesters which connect to it may send encrypted entries too. The options are briefly described at https://docs.gravwell.io/docs/#!ingesters/ingesters.md in the section titled "The Gravwell Federator".

If you have any questions please reach out to support@gravwell.io