Updating Certs Passed In The -node-encrypt Argument

4 views
Skip to first unread message

Austin Peña

unread,
Jan 7, 2022, 10:13:54 AMJan 7
to rqlite
Hi there!

Love rqlite! 

I'm curious of two things:
1. Is using -node-encrypt similar in security to using a self signed --http-cert? They're both technically the same level of encryption right?

2. How do I refresh -node-certs? 

Do I just replace the files? Should I just create long enough lived certificates that it becomes someone else's problem? (kidding)

Philip O'Toole

unread,
Jan 7, 2022, 10:22:14 AMJan 7
to rql...@googlegroups.com
Yes, same thing -- one is about using certs for the HTTP endpoints, other is about using certs for internode communication for Raft purposes. Does that answer your question?

As for refreshing, just copy the new certs to the file system.

How long-lived should the certs be? That's up to you

Philip

--
You received this message because you are subscribed to the Google Groups "rqlite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rqlite+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rqlite/3ef1ea76-5e79-404e-9e5e-3256ee94ce9bn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages