Updating Certs Passed In The -node-encrypt Argument

Skip to first unread message

Austin Peña

Jan 7, 2022, 10:13:54 AM1/7/22
to rqlite
Hi there!

Love rqlite! 

I'm curious of two things:
1. Is using -node-encrypt similar in security to using a self signed --http-cert? They're both technically the same level of encryption right?

2. How do I refresh -node-certs? 

Do I just replace the files? Should I just create long enough lived certificates that it becomes someone else's problem? (kidding)

Philip O'Toole

Jan 7, 2022, 10:22:14 AM1/7/22
to rql...@googlegroups.com
Yes, same thing -- one is about using certs for the HTTP endpoints, other is about using certs for internode communication for Raft purposes. Does that answer your question?

As for refreshing, just copy the new certs to the file system.

How long-lived should the certs be? That's up to you


You received this message because you are subscribed to the Google Groups "rqlite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rqlite+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rqlite/3ef1ea76-5e79-404e-9e5e-3256ee94ce9bn%40googlegroups.com.
Reply all
Reply to author
0 new messages