Secure Connections Using TLS

the sql service endpoint can make use of tls the sql service always has tls functionality enabled and active the database allows connections either unencrypted, or using tls/ssl the certificates used to establish ssl connections are located in the directory specified by certificatestore/path in the yaml the rolehostd conf file, which is /var/opt/ocient by default the certificate files need to exist on the sql nodes for connecting using jdbc /var/opt/ocient/server crt /var/opt/ocient/server key /var/opt/ocient/server ca crt the server first looks for the certificate or key files named server crt and server key in that directory those files should be stored in pem format if those files do not exist, the database uses the same ocient crt and ocient key that are used for the internal cluster authentication the server crt and server key files should be used to provide user defined certificates to the database when these files are in place, restart the services and they will automatically make use of tls and the specified certificate by default, the database allows both encrypted and unencrypted database (jdbc) connections, even if the specified server crt and server key exist related links docid\ y ge7svqdmn 9yie2iuv6