Updating Certs Passed In The -node-encrypt Argument

[Austin Peña]

Hi there!

Love rqlite! 

I'm curious of two things:

1. Is using -node-encrypt similar in security to using a self signed --http-cert? They're both technically the same level of encryption right?

2. How do I refresh -node-certs? 

Do I just replace the files? Should I just create long enough lived certificates that it becomes someone else's problem? (kidding)

[Philip O'Toole]

Yes, same thing -- one is about using certs for the HTTP endpoints, other is about using certs for internode communication for Raft purposes. Does that answer your question?

As for refreshing, just copy the new certs to the file system.

How long-lived should the certs be? That's up to you

Philip

--
You received this message because you are subscribed to the Google Groups "rqlite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rqlite+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rqlite/3ef1ea76-5e79-404e-9e5e-3256ee94ce9bn%40googlegroups.com.