Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[YSQL] use ~/.yugabytedb as default certificate folder for ysqlsh #2985

Closed
d-uspenskiy opened this issue Nov 21, 2019 · 0 comments
Closed

[YSQL] use ~/.yugabytedb as default certificate folder for ysqlsh #2985

d-uspenskiy opened this issue Nov 21, 2019 · 0 comments
Assignees

Comments

@d-uspenskiy
Copy link
Contributor

d-uspenskiy commented Nov 21, 2019

By default ysqlsh searches for TLS certificated in ~/.postgresql folder. Is should be changed to ~/.yugabytedb

@d-uspenskiy d-uspenskiy self-assigned this Nov 21, 2019
@ndeodhar ndeodhar changed the title [YSQL] use ~/.yugabyte as default certificate folder for ysqlsh [YSQL] use ~/.yugabytedb as default certificate folder for ysqlsh Nov 21, 2019
d-uspenskiy added a commit that referenced this issue Nov 22, 2019
Summary:
Default TLS certificate folder was changed from `~/.postgresql` to `~/.yugabytedb`.
Default certificate names `postgresql.crt` and `postgresql.key` were renamed to `yugabytedb.crt` and `yugabytedb.key` respectively.

Also function for getting home folder was improved by reading "HOME" env variable in case usual way fails.
Problem with getting home folder occurs when `ysqlsh` from release `tar.gz` archive is run on `ubuntu`.

Test Plan:
Manual.
- start cluster with TLS enabled on client connections
```yb-ctl start --tserver_flags "use_client_to_server_encryption=true,use_node_to_node_encryption=true,allow_insecure_connections=false" --master_flags "use_node_to_node_encryption=true,allow_insecure_connections=false"```

- place SQL client certificates in `~/.yugabyedb` folder

- connect to cluster without explicitly specified certificate flags
```
ysqlsh -h 127.0.0.1 -U postgres -p 5433 sslmode=require
```

Reviewers: mihnea, neha

Reviewed By: neha

Subscribers: yql

Differential Revision: https://phabricator.dev.yugabyte.com/D7610
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant