NXLog Docs

Certificate management

NXLog Agent Minder requires three certificates to work:

  • CA: Used to sign and verify certificates of agents and NXLog Agent Minder

  • Minder: The main certificate that secures TLS connections between NXLog Agent Minder and agents (must be signed by a CA key)

  • API: Secures NXLog Agent Minder’s public API.

The certificates and corresponding private keys can be specified explicitly in the NXLog Agent Minder configuration, otherwise they’re expected at their default locations. If particular certificate and private key are not specified in the app configuration and not available at default paths then NXLog Agent Minder generates them. Both Minder and API certificates generated by NXLog Agent Minder are always signed with CA key.

Table 1. environment variables
name values description


error, warn, info, debug, trace

defines the level of logging