mirrors/kube-arangodb
1
0
Fork 0
mirror of https://github.com/arangodb/kube-arangodb.git synced 2024-12-15 17:51:03 +00:00
Code Activity
kube-arangodb/docs/tls.md
Nikita Vaniasin fe66d98444
(Documentation) Move documentation from ArangoDB site into this repo (#1450) 
- remove duplicated docs
- update old docs with new info
- rework docs index page
- file names not changed to make sure redirects from old site will work as expected

Co-authored-by: jwierzbo <jakub.wierzbowski@arangodb.com>
2023-10-19 15:47:42 +02:00

1.4 KiB
Raw Blame History

Secure connections (TLS)

The ArangoDB Kubernetes Operator will by default create ArangoDB deployments that use secure TLS connections.

It uses a single CA certificate (stored in a Kubernetes secret) and one certificate per ArangoDB server (stored in a Kubernetes secret per server).

To disable TLS, set spec.tls.caSecretName to None.

Install CA certificate

If the CA certificate is self-signed, it will not be trusted by browsers, until you install it in the local operating system or browser. This process differs per operating system.

To do so, you first have to fetch the CA certificate from its Kubernetes secret.

kubectl get secret <deploy-name>-ca --template='{{index .data "ca.crt"}}' | base64 -D > ca.crt

Windows

To install a CA certificate in Windows, follow the procedure described here.

macOS

To install a CA certificate in macOS, run:

sudo /usr/bin/security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ca.crt

To uninstall a CA certificate in macOS, run:

sudo /usr/bin/security remove-trusted-cert -d ca.crt

Linux

To install a CA certificate in Linux, on Ubuntu, run:

sudo cp ca.crt /usr/local/share/ca-certificates/<some-name>.crt
sudo update-ca-certificates

See also