Created a self signed cert for the test:
$ openssl req -newkey rsa:4096 -nodes -sha512 -x509 -days 3650 -nodes -out nats.pem -keyout nats-priv.pem
...
$ ls *.pem
nats.pem nats-priv.pem
Ran a docker container with NATS on linux:
PS> docker run -d --name=nats-tls -p 4222:4222 -v D:\scratch\natstls:/var/nats nats:linux -DV -tls -tlscert /var/nats/nats.pem -tlskey /var/nats/nats-priv.pem
Ran the NatsTlsTest program:
PS> & .\NatsTlsTest.exe
PS> docker logs nats-tls
[1] 2019/05/17 15:38:32.644884 [INF] Starting nats-server version 1.4.1
[1] 2019/05/17 15:38:32.645003 [DBG] Go build version go1.11.5
[1] 2019/05/17 15:38:32.645041 [INF] Git commit [3e64f0b]
[1] 2019/05/17 15:38:32.645363 [INF] Listening for client connections on 0.0.0.0:4222
[1] 2019/05/17 15:38:32.645394 [INF] TLS required for client connections
[1] 2019/05/17 15:38:32.645401 [DBG] Server id is LvE8NmEnCH1VjPEc9ulDqE
[1] 2019/05/17 15:38:32.645405 [INF] Server is ready
[1] 2019/05/17 15:38:53.878764 [DBG] A.B.C.D:60120 - cid:1 - Client connection created
[1] 2019/05/17 15:38:53.879252 [DBG] A.B.C.D:60120 - cid:1 - Starting TLS client connection handshake
[1] 2019/05/17 15:38:53.973282 [DBG] A.B.C.D:60120 - cid:1 - TLS handshake complete
[1] 2019/05/17 15:38:53.973376 [DBG] A.B.C.D:60120 - cid:1 - TLS version 1.2, cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[1] 2019/05/17 15:38:54.155621 [TRC] A.B.C.D:60120 - cid:1 - ->> [CONNECT {"auth_token":null,"lang":".NET","name":null,"pass":[REDACTED],"pedantic":false,"protocol":1,"ssl_required":true,"user":null,"verbose":false,"version":"0.0.1"}]
[1] 2019/05/17 15:38:54.156326 [TRC] A.B.C.D:60120 - cid:1 - ->> [PING]
[1] 2019/05/17 15:38:54.156366 [TRC] A.B.C.D:60120 - cid:1 - <<- [PONG]
[1] 2019/05/17 15:38:54.209407 [TRC] A.B.C.D:60120 - cid:1 - ->> [PUB test 12]
[1] 2019/05/17 15:38:54.209466 [TRC] A.B.C.D:60120 - cid:1 - ->> MSG_PAYLOAD: [Hello World!]
[1] 2019/05/17 15:38:54.209507 [DBG] A.B.C.D:60120 - cid:1 - Client connection closed