Secure Canton Infrastructure - reference app

We’ve just published a reference app that demonstrates:

  • Deploying Canton components (single domain or split sequencer, mediator and domain manager)
  • Full PKI (TLS, mTLS) and JWT enforcement
  • HA using open-source versions of NGINX and HAProxy
  • First steps in demonstrating OCSP certificate revocation checking
  • Canton Console and Daml Script versions of user and party management
  • JSON API (no reverse proxy but this is in original ex-secure-daml-infra and may get ported)

Note: this is for reference only and not a production deployment.

Let us know what you think and what else would be interesting.