You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ndeodhar
changed the title
[YSQL] use ~/.yugabyte as default certificate folder for ysqlsh
[YSQL] use ~/.yugabytedb as default certificate folder for ysqlsh
Nov 21, 2019
Summary:
Default TLS certificate folder was changed from `~/.postgresql` to `~/.yugabytedb`.
Default certificate names `postgresql.crt` and `postgresql.key` were renamed to `yugabytedb.crt` and `yugabytedb.key` respectively.
Also function for getting home folder was improved by reading "HOME" env variable in case usual way fails.
Problem with getting home folder occurs when `ysqlsh` from release `tar.gz` archive is run on `ubuntu`.
Test Plan:
Manual.
- start cluster with TLS enabled on client connections
```yb-ctl start --tserver_flags "use_client_to_server_encryption=true,use_node_to_node_encryption=true,allow_insecure_connections=false" --master_flags "use_node_to_node_encryption=true,allow_insecure_connections=false"```
- place SQL client certificates in `~/.yugabyedb` folder
- connect to cluster without explicitly specified certificate flags
```
ysqlsh -h 127.0.0.1 -U postgres -p 5433 sslmode=require
```
Reviewers: mihnea, neha
Reviewed By: neha
Subscribers: yql
Differential Revision: https://phabricator.dev.yugabyte.com/D7610
By default
ysqlsh
searches for TLS certificated in~/.postgresql
folder. Is should be changed to~/.yugabytedb
The text was updated successfully, but these errors were encountered: