Change the Token for Encrypting the Credentials

---

If you keep the standard installation, MongoDB is used as credential store. For security reasons, change the pre-configured token used for encrypting the credentials. The token may be any string.

Hint - how to change the configuration

In the instructions below, SEAL Operator CLI is used for changing the configuration. You can also use the Consul Web interface.

Caution - possible data loss

If you execute this step on a running system, you need to backup the MongoDB beforehand and restore the data afterwards. Otherwise data loss will happen!

1. Open a Command Prompt or PowerShell.

2. Export the complete configuration of SEAL Operator from Consul to a YAML file with the following command. So you're making sure the current configuration settings are being used.

   operator config export <filename>.yml --insecure
   

3. Edit the exported file <filename>.yml.

4. In the env section, specify the new token in the key MONGO_TOKEN:

   env:
     service:
       ...
       operator-server:
         tag:
           any:
             MONGO_TOKEN: 'new_secure_token'
       ...
   

5. Save the file.

6. Re-import it to Consul.

   operator config import <filename>.yml --insecure
   

7. Stop all SEAL Operator services.

   operator service stop
   

8. When using a PowerShell, delete the complete data directory of MongoDB with the following command:

   rmdir -r %PROGRAMDATA%\SEAL Systems\data\seal-mongodb
   

   When in a Command Prompt, use the following command instead:

   rmdir /q /s %PROGRAMDATA%\SEAL Systems\data\seal-mongodb
   

9. Restart the service seal-mongodb.

   operator service start seal-mongodb
   

10. Restart the complete SEAL Operator System.

    operator service start
    

---