Closed voriol closed 3 years ago
Hello, currently not, but it may be a feature.
tls_config - name of a TLS config with client certificates, registered using clickhouse.RegisterTLSConfig(); implies secure to be true, unless explicitly specified
Sounds good! thank you @sundy-li
@voriol I tried change clickhouse-server and clickhouse-client config but got following error:
Code: 210. DB::NetException: SSL Exception: error:14000086:SSL routines::certificate verify failed (192.168.101.106:9440)
Do you know if there's a tutorial on this?
Found a tutorial: https://altinity.com/blog/2019/3/5/clickhouse-networking-part-2
e5b466ebe2ab07230dbc09bf693d6282316755fc (will be released in v1.8.12) fixed this. It adds the following config:
type ClickHouseConfig struct {
......
// Whether enable TLS encryption with clickhouse-server
Secure bool
// Whether skip verify clickhouse-server cert
InsecureSkipVerify bool
}
Hi!
Is it possible to establish a connection to the clickhouse "tcp_port_secure" port?
https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server_configuration_parameters-tcp_port_secure
This requires the client to use a certificate file +key +CA:
Thanks!