DB SSL

Information

Release v1.0.2 added support for SSL connections to the database.

Required Steps

To get started, change the DB_SSL environment variable to one of the following.

disable - No SSL
require - Always SSL (skip verification)
verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the - one in the certificate)

Then set the environment variable DB_SSL_ROOT_CERT to the container path of the Database's root certificate. Placing the certificate file in the mounted data folder allows you to set the DB_SSL_ROOT_CERT path to /data/cert-name.crt.

Notes

Recommended DB_SSL setting is verify-full.
If you receive an error when using verify-full along the lines of x509: certificate relies on legacy Common Name field, then set DB_SSL to verify-ca or update your database's root certificate.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DB SSL

Information

Required Steps

Notes

Clone this wiki locally