NATS, Xbus and TLS

published on by

Xbus 3 is a rewrite of Xbus 2 written in go and based on NATS. This simple yet powerful and high performance messaging system handles message delivery to the Xbus micro-services and clients.

One important feature of Xbus is privacy: nobody, including emitters and consumers, should be able to eavesdrop others communications, nor fake them.

Gnatsd (the NATS server) provides an authentication and authorization system, and TLS… but they were strictly independant, i.e. the authentication layer was not able to use TLS to identify a client.

We will explore how we managed to secure the communications on the bus thanks to gnatsd being open-source and pretty well architectured.