exasol / bucketfs-client

Command line client for BucketFS
MIT License

Uploading to Exasol v8 does not use TLS #31

Open kaklakariada opened 1 year ago

kaklakariada commented 1 year ago

Connection to Exasol v8 fails, even when specifying bfss://.... Also when entering a TLS port in config.ini BFSC still connects unencrypted (http), not TLS (https).

DirkatExasol commented 1 year ago

The config.ini:

[default]
host=18.158.58.119
port=2581
bucket=default
password.read=abcd1234
password.write=abcd1234

The command line call(s):

% bfsc -pw ls bfss://18.158.xxx.yyy:2581/default/
E-BFSJ-5: I/O error trying to list 'https://18.158.58.yyy.yyy:2581/default'

% bfsc ls bfss:///default/
E-BFSJ-5: I/O error trying to list 'https://18.158.xxx.yyy:2581/default'

bfsc -pw ls bfss:/default/
E-BFSJ-5: I/O error trying to list 'https://18.158.xxx.yyy:2581/default'

The respective curl commands work flawlessly!

kaklakariada commented 1 year ago

@DirkatExasol thanks for the details! We need to add TLS integration tests in #33 before we can work on this.

pj-spoelders commented 6 months ago

For Exasol 7.1.25 there are similar errors:

So I tried adding the self-generated certificate to the trusted certificates on a system level on Ubuntu. I did this by extracting the certificate, the ssl.crt file found in exa/etc/ssl on the docker, to /usr/share/ca-certificates/Exasol (I created the exasol folder). Afterwards, run sudo dpkg-reconfigure ca-certificates in the terminal, use space to select the new certificate, then 'tab' and press 'ok'. This made the test I added run successfully. Edit: this test was the list command, not the upload command, so you still need to check if this actually works (TODO).

pj-spoelders commented 6 months ago

What needs to be discussed as well: Using a config file, there's no protocol choice. The bucketfs http or https port could be customised. Should we assume 2580 or 2581 (for https) every time? Or should we add an optional protocol specifier?
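
One way the optional protocol specifier raised in the last comment could resolve a profile, as an added example that is not bucketfs-client's own code. The `protocol` key, `resolve_base_url` and `ConfigError` are hypothetical names; the 2580/2581 convention is the one from the comment, and any other port without an explicit protocol is rejected rather than silently treated as http.

```python
import configparser

# Port convention from the comment above: 2580 for http, 2581 for https.
PORT_SCHEMES = {2580: "http", 2581: "https"}
DEFAULT_PORTS = {"http": 2580, "https": 2581}
# Accepted values for the hypothetical "protocol" key.
PROTOCOLS = {"bfs": "http", "http": "http", "bfss": "https", "https": "https"}


class ConfigError(ValueError):
    """The profile does not determine host and protocol unambiguously."""


def resolve_base_url(ini_text, profile="default"):
    """Return the base URL for a profile; never fall back to http by guessing."""
    parser = configparser.ConfigParser()
    parser.read_string(ini_text)
    if not parser.has_section(profile) or not parser[profile].get("host"):
        raise ConfigError(f"profile [{profile}] missing or has no host")
    section = parser[profile]
    port = section.getint("port", fallback=None)
    protocol = section.get("protocol")  # hypothetical key, not a BFSC option
    if protocol is not None:
        scheme = PROTOCOLS.get(protocol.strip().lower())
        if scheme is None:
            raise ConfigError(f"unknown protocol {protocol!r}")
    elif port in PORT_SCHEMES:
        scheme = PORT_SCHEMES[port]  # infer only from the two well-known ports
    else:
        raise ConfigError("custom or missing port: set protocol explicitly")
    if port is None:
        port = DEFAULT_PORTS[scheme]
    bucket = section.get("bucket", "default")
    return f"{scheme}://{section['host']}:{port}/{bucket}"

# Constructed sample profiles (documentation address, no credentials).
SAMPLE = """
[default]
host=192.0.2.10
port=2581
bucket=default
[custom]
host=192.0.2.10
port=8443
protocol=bfss
[ambiguous]
host=192.0.2.10
port=8443
"""
```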