-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
b94dc40
commit 8fee77b
Showing
15 changed files
with
442 additions
and
21 deletions.
There are no files selected for viewing
11 changes: 11 additions & 0 deletions
11
doc/code_snippets/snippets/replication/instances.enabled/ssl/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| # TLS traffic encryption | ||
|
|
||
| A sample application demonstrating how to enable TLS traffic encryption for connections between replica set peers. | ||
|
|
||
| ## Running | ||
|
|
||
| To start all instances, execute the following command in the [replication](../../../replication) directory: | ||
|
|
||
| ```console | ||
| $ tt start ssl | ||
| ``` |
29 changes: 29 additions & 0 deletions
29
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/generate.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| #!/usr/bin/env bash | ||
| set -xeuo pipefail | ||
|
|
||
| # 1. Generate a root CA key. | ||
| openssl genrsa -out root_ca.key 2048 | ||
|
|
||
| # 2. Generate a root CA certificate. | ||
| openssl req -x509 -new -key root_ca.key -days 365 -out root_ca.crt -subj "/C=US/CN=Example-Root-CA" | ||
|
|
||
| # 3. Generate server keys encrypted using different passphrases. | ||
| openssl genrsa -aes256 -passout pass:'qwerty' -out server001.key 2048 | ||
| openssl genrsa -aes256 -passout pass:'123456' -out server002.key 2048 | ||
| openssl genrsa -aes256 -passout pass:'topsecret' -out server003.key 2048 | ||
|
|
||
| # 4. Create certificate signing requests based on server keys. | ||
| openssl req -new -key server001.key -passin pass:'qwerty' -subj "/C=US/ST=State/L=City/O=Example-Certificates/CN=server001/" -out server001.csr | ||
| openssl req -new -key server002.key -passin pass:'123456' -subj "/C=US/ST=State/L=City/O=Example-Certificates/CN=server002/" -out server002.csr | ||
| openssl req -new -key server003.key -passin pass:'topsecret' -subj "/C=US/ST=State/L=City/O=Example-Certificates/CN=server003/" -out server003.csr | ||
|
|
||
| # 5. Generate server certificates. | ||
| openssl x509 -req -in server001.csr -extfile <(printf "subjectAltName=DNS:localhost,IP:127.0.0.1") -days 365 -CA root_ca.crt -CAkey root_ca.key -CAcreateserial -out server001.crt | ||
| openssl x509 -req -in server002.csr -extfile <(printf "subjectAltName=DNS:localhost,IP:127.0.0.1") -days 365 -CA root_ca.crt -CAkey root_ca.key -CAcreateserial -out server002.crt | ||
| openssl x509 -req -in server003.csr -extfile <(printf "subjectAltName=DNS:localhost,IP:127.0.0.1") -days 365 -CA root_ca.crt -CAkey root_ca.key -CAcreateserial -out server003.crt | ||
|
|
||
| cp server001.crt server001.key instance001 | ||
| cp server002.crt server002.key instance002 | ||
| cp server003.crt server003.key instance003 | ||
|
|
||
| rm -rf root_ca.key server* |
21 changes: 21 additions & 0 deletions
21
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance001/server001.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDdDCCAlygAwIBAgIUZ3UUfbU+PVMvCBz6V60Cdhhlmi8wDQYJKoZIhvcNAQEL | ||
| BQAwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD0V4YW1wbGUtUm9vdC1DQTAgFw0y | ||
| NDAxMDkxMDIwMjlaGA8yMTAwMDEwMTEwMjAyOVowXzELMAkGA1UEBhMCVVMxDjAM | ||
| BgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MR0wGwYDVQQKDBRFeGFtcGxlLUNl | ||
| cnRpZmljYXRlczESMBAGA1UEAwwJc2VydmVyMDAxMIIBIjANBgkqhkiG9w0BAQEF | ||
| AAOCAQ8AMIIBCgKCAQEAjV8WYiwj6pKhdvhd5JHKiRWsPH8DldGkuC22WYYqW4pG | ||
| 4jwIgbHK4XDw7dtIKiTp5j1hxswPYfelwT4PswvvUt2ZTuWrC2wxH7gUeX3WOoRV | ||
| GuQWvz5jwyZecGKa0D9a/0e/MedcqyNY8e15qUfFZXOg74hCp1VtXGJLtJ3ttL2Z | ||
| JXCXK+tLKbn5hK5XnyksHbd0yhHbfv3WgbyIJHkPf9Ld1McmvlJOsP/pYM31L3Pv | ||
| KS/NYtjC7ZrxGNYwmry+9ECfsqvdrR3WOSPc7x6XDluqQhsBpR5L5yMBD7/Pmdmh | ||
| 85QO89FpuE2fZbzbBgOAIv74m1+9vVo0bl9GQ5ItdQIDAQABo14wXDAaBgNVHREE | ||
| EzARgglsb2NhbGhvc3SHBH8AAAEwHQYDVR0OBBYEFLRPcYdn/ZzyvTICSE4eHkpq | ||
| Yo2uMB8GA1UdIwQYMBaAFMcoPooETZGmQ44FaE298f3LsrBDMA0GCSqGSIb3DQEB | ||
| CwUAA4IBAQCu2eVNEPiCgH2oEpieb5O3+H13RGt7K0OG8xIdrScLm8g7UP964uqS | ||
| V8svDodF++o/zBtL2ebbeTL7+cqW8Oz3NZrBiUmRdXUrGncpT26wNut8pppV9C8c | ||
| O533Mu0yPLXguoykE67BMiZ0aXafvCxEWj0d5Ml1BlIucaZ7HJY+C4JMeX/T27OQ | ||
| u4jrvNLykyfWu7aIquhKcxuzdMo7rFRGOR01738M0/Sp4a952of1lFuv/macgttQ | ||
| 6M5oWW/XgNwbbcTnN7oCv4aTK7QOoi3NZfAD723hq9AQLTZD/Nl+xkMBDMNiDc3R | ||
| 9r39ptN92K3YkAHaULLyk+c14Wox4f7N | ||
| -----END CERTIFICATE----- |
30 changes: 30 additions & 0 deletions
30
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance001/server001.key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| -----BEGIN ENCRYPTED PRIVATE KEY----- | ||
| MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIoIzCBu75OnUCAggA | ||
| MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBAGERLT6LYhWrk4nTQ2rAfEBIIE | ||
| 0Awkcsj9RAgl07YEFq0YrhjBmLw4xg++qKFBm5TKwwBBpzNLkefqzOoY9wRAQZF6 | ||
| vhgGg87rEUwWaKhyhVI2yq0osKtIz4wrC+VWdB5G4eMVRYes8f1DSXHBRksTs314 | ||
| QTF1TY+0mecGmEBQ0iOvE5Z4EcxZMUeZimMEb4nXnGVdkz+tskcru5Br9a7iArC0 | ||
| hp7ibf71J4KnQAS/rBiUBVBpDaE5tdNo0mU8Icy11vg/YkykTwZ5qeO3VLsHho5/ | ||
| nOsv7CB6UbGnVJCsQckFViJTDJvyyrmJ6urfqvPMLG5u/0sIWTDfYnPrTQOibt+N | ||
| XcvqrgZ09xLzLrgrqZ8E8nHX1xQ1w3m4TWKnXlM0enpzKp+BTMRTdly3V45asvpa | ||
| cUlbZjX+ktW0c/bsq91DU79uy5MZuOiX3BpPFeMgreES2YIjOYo1pYloHeAw3tGG | ||
| rfXYVuPo9IfrdkXmfq9LpqPcB5zsqkAAomPpLLfb2B/gisUZZ//Y+BAEaGOlwWoa | ||
| 81JrM363jt8U11up+6ahShwSjHol9QhqC1yEPgBVnpNbCj4ypzJxq9upnNjowvuL | ||
| D4MhVdVf58ILkiybASTvW2IeilQf9N3scwQwiRq1duLqkrjDKD1AqxsJQobPVuV3 | ||
| YxYZ7JwwvWD86eMsvtnevT1mG9NFRfmxPD4xesvtv7OdYxQqrrkGYhOz9f3YQJiu | ||
| EJBjq3HFnMmh9FFZ0W1I8OjnLKoN2z4XMo29HtPUX1sJpWM4wWAf+ZxABnO2kJyp | ||
| xV6XvuhZU4V/seL+DGL6cT1b4Zg0gcc//RnlkeX3l9cE0Sqi3FKv4aKBG4/g41vR | ||
| fNee0eB1O71rzwaNh4KYBgInNy70XjNnARxSC/KOd/el77Xv7hPKL9Wxah+B11Uc | ||
| Csw6Ynj+Ea+HrifVBWeo7z5cqQ1ZXQD6DKWfdvujYNxwSLMpBpk5d9rX1gUvQHOU | ||
| GmJjKp80Wrr3eA9tuBBiMkp0ljBjbagDr8PGjRwO9LslzGAUdzDuqsqLVJz8vv2t | ||
| uDxjYARmtQHCeG8VowpP3QmrbmNM2m7s4M5+G8ZhzAZCHvPXyEEItGMP9qcjNUk2 | ||
| Sqpkz3ZYPAtDFp+cx6raggULd1AWv2xJU0kvJULE8tyWev7AyZKz/buiG2Fib5WX | ||
| oJAQwAymkP13eGvIXaWUybsO98TgtlcaNlNkvTdmAwZyuZlYYvH9yiV2vi4ldqdl | ||
| irAVTWqiqDo9TiGRBR0QxuJPJciuJG5D+pOdIw6tU4XHq1RiikCYE9RMqiBddqlr | ||
| 5WB4j/ls0Mpqk6fvUkttEW6vovO1AQw80Ut5hifDu5hLM3CzqysTf0bbEgS7DcWg | ||
| hpQghcIWFJuNIrR4o7zN9hHHyKg6oZKF35edDoEmEr8COd12vIzLezanNkTwKB1A | ||
| 7FKSpT1A/u3W0D2oPHrkd2mGEjYO8RDhScMsPQjTnHObzSQvX8wGIQDIE4rLD8me | ||
| 9nxcodr+gNO/rdvEnQ1JWD52jW+S4mkJM4EswIO56sGy60sq4YoEzyWCexGxoWwF | ||
| lOrrX4vn2H6N++TPNBeWdnrT2L5BEKlbh0SHn74CPXXBNp6JqmdRUvTfHuC1C0jK | ||
| 7KQPwMleAeh969wMyGqZO+DGULNC0D+Apck9ZQ3Hb28E | ||
| -----END ENCRYPTED PRIVATE KEY----- |
21 changes: 21 additions & 0 deletions
21
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance002/server002.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDdDCCAlygAwIBAgIUYnbNUm7f3GQuqcJUmOcYMY7vu2QwDQYJKoZIhvcNAQEL | ||
| BQAwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD0V4YW1wbGUtUm9vdC1DQTAgFw0y | ||
| NDAxMDkxMDIwMjlaGA8yMTAwMDEwMTEwMjAyOVowXzELMAkGA1UEBhMCVVMxDjAM | ||
| BgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MR0wGwYDVQQKDBRFeGFtcGxlLUNl | ||
| cnRpZmljYXRlczESMBAGA1UEAwwJc2VydmVyMDAyMIIBIjANBgkqhkiG9w0BAQEF | ||
| AAOCAQ8AMIIBCgKCAQEAqjNtMpDuy9XXI6Ve7wFlHFvA0PZIIooobHqSNt7A4fPQ | ||
| NgOvjSXi04o2dOCQ3Tz0ku5AMkx14ZLv13NMJNPWIO+jbuqIY0sTA7qxj7T2ykEW | ||
| Dga9lWKTe4fFXNOITClImF2OKYlriCYXQ+UrUSRSYfaapc2byo94qQG6GqNC4RI9 | ||
| AsKSVlEXbOtwglTjA2gItBZ0URyCntddXek4JaUfdfDjY4RT1prNUniIaAT/8Xz5 | ||
| HPJR1jSJ8093mDdIBjDCwv7tY8N9dVtUOdV9k0q0JMgwaKv9rj93J1Esnew8uDiL | ||
| UhEojYkRCZQ267csSnXghtl2ZVulcttJLhyeqQ7PUwIDAQABo14wXDAaBgNVHREE | ||
| EzARgglsb2NhbGhvc3SHBH8AAAEwHQYDVR0OBBYEFE+RD/crlhgQjup7dCT53kMG | ||
| cfYDMB8GA1UdIwQYMBaAFMcoPooETZGmQ44FaE298f3LsrBDMA0GCSqGSIb3DQEB | ||
| CwUAA4IBAQBXLD8RlbclU/w/ynL7Clr1EZRVaXtcvBNhzZMPG+N+cl9/OAbCc+K1 | ||
| zBqU9MC3+ftjCo0b1Gn+WelB0rBR43JMDbP/Lkwcn7GqJXk/KApG54ygSDxTasMj | ||
| rmMuw8eES/7ndo+X/u/Jy71CFEJZbW15GKzv55fYE1LIOILLEepn3ikOn/1jujCZ | ||
| 3oSikIlcIVkQSXOoglT1VBsWlNjA5AynofCjyW8VKVTZGCBvoBx7kVPUg4yzK2dx | ||
| gaIFosrqhV1v9ENfu+exErHDFyctsKsH34Tjjrkm+3hdseMjivBT8sOzWmTMNryk | ||
| 3QquTfdJbOMFw873ynIEj/Q9vHFT76Ae | ||
| -----END CERTIFICATE----- |
30 changes: 30 additions & 0 deletions
30
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance002/server002.key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| -----BEGIN ENCRYPTED PRIVATE KEY----- | ||
| MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIg0PYOtHuXYsCAggA | ||
| MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBCSkBdX9Acur/mj1FWWXiiyBIIE | ||
| 0H4nMqNCCkvVkbBKBy+5khhbCxN0kLgseHIPP3oAo6phLrhAAkv0xKr3wv/mR6Zp | ||
| 3jQ2JHbOfGrduFckdCBU8tST621p6wdRLwm9MbeWNjjsuSCKH45y5w2jU3aXiLpz | ||
| 4AsbweoO9a260nR4Aq5DG1t8VrJpofCfmye9FjacNGbCAa6HINigGrlp25USoead | ||
| sqqKf8Jl/g1729yzIB6WkTA9hXBxwz25BtgwSd+tUlvl6dYocKXCM6ljn/q25SgW | ||
| ozNBfOkzX3S8g6ZXjx0SkMdbUjuTrgjl7mn5cVYdjx6VM9fJjalca0h4Gr0kdHFM | ||
| z50D40Ha2O3HQ36ImKjlyzbZOjkIMpqOa6o7kH7jLlJLjYJo2+LocIr8/REw4Lgl | ||
| DeahUAl6Iya4K67sJG61FGKhzuOuxWW/Ymsa1v2Yq80PsZS1IyAD7jmH7zrT8mNq | ||
| 0T82z/hQfY+vOo+1+VMmZd1azm5UHap/bsJ32e8GXszdjH2P6dMkymAykYQVtt4/ | ||
| W6+Q53tCNfmfbdzFNszzvRP5VjcDvUGtiD9gSLsqsFCh7GJlD8vXcrrOn61l3OLC | ||
| 0CR3X9VBqerMiUFmsT1g7HsSHTD1h0OX2DTkhAfM0P4QXemGGke9/LBRsYaN07XD | ||
| akhs4jd++3hdMSWPSrm7JNx2BC2L+u4SyRdHnu7DtQ9DVPubwT63dhxMGkGzXOGK | ||
| 3x3payRlp96ckms27tiWnsiPfVe/CECS6YXK0PLONenbvVDQO31iWDcV2AgOd0nv | ||
| OKUuC/oN37kY4P6J8MGao3zsmcfWxQSWjnImdnLsqtD6QxqyNH18Id2GOcwrkuoG | ||
| 3Jyi43rR5c6r6O0ldvCB+iFHizzIBWA6GpDmzRYRd7lJlkQJ0ihCozWOsPC1lKZu | ||
| E3DiRwaTbGcOTOTJDHG6B3RE9YgZjZPkVVRYsPUp2e/flLr+2QZo3XyAFd9TJDOZ | ||
| GlCGnjmKVT83gRmgTd5mMfI2lm6vJwWC1jAIYNVuAQNWf+ZKsPfhm6mr6n6Najxr | ||
| lVPZOg+7loKxJLfcXIP3sItLCHT4Jc/rmn6/HwnFqrdFQDkIk/dPVYnIPZlCG24Z | ||
| to8pmjFyK5qX15rjZKAacYpSIoYHo26wFnFGSGtikUZXFm5aTGCxKnf+gBQ1Zrtw | ||
| +d9hKnmef0zlozU2b8byPRFNqV0cBaXxccXc5WFWJY60PZ6wbEs8wkBUmOh06pcR | ||
| IO4qX4RX1QRfSSldXNZ+3CFbUXT8u999DCCV/onw2NlbdqKiHQMoLhQQAWGReG1e | ||
| xpXXU8lRBMpW3PGHsWsGlzNTb4DkasKfL3LPxDc8DzDGrlkudYxARI23lHhKAZEv | ||
| WVqp00HiFA2n1HSqrdUjoBsnX5KzU5By4KgdS4pp8Le0vFStlq47257P3PUWEFnB | ||
| BFTmdbd44kOZK4mDgpyH3hQMJesdYMr8wWxhAUPx6SLK9OvVKRiLjjC1AHJQI6lS | ||
| umT8min1q88Pw9PfmL6speXYkPXD3PLms//bnqTI44rcptlWwmaZydW51cPc5CNA | ||
| CMVAoUHgwpJe+t+JH2B/ShmIG+Vh4aCEer70ZG38g8lLTG/wQNs0Cmfv01R2B53K | ||
| 4bJY7jCy8YUnB+pEVohyWltI3rNkA27brnISIBVllPKn | ||
| -----END ENCRYPTED PRIVATE KEY----- |
21 changes: 21 additions & 0 deletions
21
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance003/server003.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDdDCCAlygAwIBAgIUC2vN8EGo9naK0NawqRXTBdiR1BYwDQYJKoZIhvcNAQEL | ||
| BQAwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD0V4YW1wbGUtUm9vdC1DQTAgFw0y | ||
| NDAxMDkxMDIwMjlaGA8yMTAwMDEwMTEwMjAyOVowXzELMAkGA1UEBhMCVVMxDjAM | ||
| BgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MR0wGwYDVQQKDBRFeGFtcGxlLUNl | ||
| cnRpZmljYXRlczESMBAGA1UEAwwJc2VydmVyMDAzMIIBIjANBgkqhkiG9w0BAQEF | ||
| AAOCAQ8AMIIBCgKCAQEAn51RtVj89wuf8lVjCiQ0UeIvkPO87YIO8O5b0G35IKuQ | ||
| rRcanLifN8skooDs+oINzHpgp7tENy+uPynOuw02TJx+Li4JXX1XAX5v2WGWET2Y | ||
| /VykmTzCFDovzAR+aVyarDONxRDvV1v86Hfee34mBxkWF8gz5cyTOZjtQMWKmaxZ | ||
| jGSazuNcqet9XJYsUqRdCnxG+VRJTfGG7lnQ/+7sRE0BVqOaU+xOdRZCuHEUp99d | ||
| NponYJUJa6UwL06abvS6OO0Ab81mBTnaev7hAjsfpY+SYItUfcRlc57yBESGGB0r | ||
| ymQKy70KmK2vMUPGoS6YKE3sBXBJJdl/DOAe2v53FQIDAQABo14wXDAaBgNVHREE | ||
| EzARgglsb2NhbGhvc3SHBH8AAAEwHQYDVR0OBBYEFLal5fgbXAZz+Zg11+GEVbjT | ||
| ed0oMB8GA1UdIwQYMBaAFMcoPooETZGmQ44FaE298f3LsrBDMA0GCSqGSIb3DQEB | ||
| CwUAA4IBAQC2qhOwJ3ZtZ5wyvI7qKzQ0IHy3D01tjN80YnUXm1MLkc3Jt8N/6apT | ||
| SvtS7o/IAmjlctoR2Xg4XTp0zgECgIWAQ07G9rGF5+i3au9ydTkFY3mjBEFCaa/6 | ||
| oet/MYSfx5JBfQoz4GkQk7qBesz1HTP19w10HFYH5HoLGkWkd3SITYnAn0aSzMvi | ||
| ymstSd1O9/rFefIrPuSRuKAxsSdIH/L6q5LAmq/k4BM1WeV7zpjxcNc7+SdiiW22 | ||
| ZoXcPLYcKh9UsbYon//1lipvR+x/zB4t5YyaevbpaY4MRTASVHM7rF/szTQE5+VZ | ||
| a9vz/3X+K9QrpCGqOyMzU8A6zcNeV3Kc | ||
| -----END CERTIFICATE----- |
30 changes: 30 additions & 0 deletions
30
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/instance003/server003.key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| -----BEGIN ENCRYPTED PRIVATE KEY----- | ||
| MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI4hq3UcvHxeMCAggA | ||
| MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBANIql3sdt63kUD9IS1h8uQBIIE | ||
| 0AyuJU6umXXNb8aO5UwcfJoeiVT6P0xr8guiPXNHx/hZpEE21RoHEUlqRgStLFqH | ||
| AaeWOaPBNehqpcFnU34llM+XZMt7diL9nVkZFa5cePGuR6Od4ZE5S0xDmzyOpAbq | ||
| Hvn3FhZtDih9nyZHZUFO7WFZFxQLLE6YU9GOW8UsHEBt8Z2zbn4eBaVUw81Elpv6 | ||
| uhpx0H+apmj+TcXehv7FvWxn64nOQSDICuK6Zwva3DC4Bc0OpRAhWKR81w0hdufK | ||
| ej1mcANgGu/zTp3JJ9eGf1DX1TIB8nM7SXPVz+mDELZPu6U9kMBRoiQ8B24UEoRY | ||
| 4VHODLDOoL7X+vbAk4oJVRqPnR/FvaAmzSTu4quOjRKE2fhBYD4oe4UTdp+5GxPK | ||
| 4qcxS9eqe1/Jl4mPYCsM9oXdrRNVvk3lKPG63TVqEr6vrCfV+sogFYY/qY1sL81H | ||
| vkHF5QjqLTdWiSI82HiqoczQKfvZXdqZWB32YPiiZhv9LyyuTdHzvijFNRW6X6xf | ||
| Eng66BJ+S8TYr7ib+cUUy1OLyh5a6WAs/qsy2Fi02KOHN8BNfznwAqmJ14IbQrRQ | ||
| JjYaHhTHm+FZFpU+if32mSPr/CjmGuzhGNlh+Pm+5udDOvVcqAE9ifAZ9G9f9jgd | ||
| 1vuTNOkWSwLcY2hs3vRN9VrDxbQ9PivB8Asr08F84KceJEaReN2CCiyCR++q95oH | ||
| 2imrrQLH5EXM6Xc2k5OnltrWSLzvA58bJ+KcHj+MvRMx7kTjDcTrOHL0/xbqeXzU | ||
| TDaft8gGtudlFqy3/4kuV5Zp3E0Bgn/1WjUe8/VUJuYCX2ffhQVAc+Yum3o80Mu3 | ||
| RH7kEaZQeqnxC8qwiu6aOsqg3C74Hc+rguWeXnUV5Ysb3rcq1O50PGWEsey/+nxn | ||
| 7I8hgZFvJrlYs05jQu93/Hzps5jVuxluRzFHuZcEM1v/12jNnY/C7yQSWctZFdD4 | ||
| h7DnzGjPgD/CRd0V63ScciRDfofQtFcshMEJjtCiP2tzmCMB4S7VB1186JdTLWys | ||
| u5OmQ76F2CcmBybksrx7dZyVB/z3gNB3/DObBVvVxn8z/WMqsoKjjXbJvHUBeo2W | ||
| KnZY7VHMjhsRGTLcxfL8jeS2clkEl4qOO0d47HIFy90BmLLpWosC+ZX5AMsrX2x7 | ||
| xV6yfXBGU5JHXRrofvC3AH33GlHkQ1r6r5SDqLDQrAAMm0eqlOjmiNM151M1uORw | ||
| m4r1csflKlIkWLwFVH1BIMmB8eGefyfS/4lXhx+UvvZKgFkJDJ3IJ0oHdj2zHiln | ||
| sp2WIm/nh9wqDh7fvGP+b1skVFlrChuTtjNHa4Ye2QagWRgZfAZAh89HuMfclC5x | ||
| 0w971lLbnoC3iB7tjY8+J9Ye6Mzim6oZofROdBDxbDXraaYjcq/EezfFDPTUSpGx | ||
| JtX2Cr4nq596TucXXwKjHBHnjfhUPdeLRWBRSidkyogjrW68tVUCUZ7a0/3a2wz1 | ||
| 6hRLvKzxnMGXfr1cggtX8PapgIXNOLxkjmLPmoEEQLNqOSXzx7y+iLGPzYcj2Fe+ | ||
| gV93fIq1IbwEChOFTHa/WtoN+idhESqvPvH2PKnWmAB5ioLYDCIQ6BnKWdPflrYh | ||
| mGfTg3YhOuwFmTkZPnvKux+yOLTDZfzeaMmBpdeQuHl3 | ||
| -----END ENCRYPTED PRIVATE KEY----- |
20 changes: 20 additions & 0 deletions
20
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/root_ca.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDMTCCAhmgAwIBAgIUTbG8/x5SNhhMkhq1/spUkvTNGtUwDQYJKoZIhvcNAQEL | ||
| BQAwJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD0V4YW1wbGUtUm9vdC1DQTAgFw0y | ||
| NDAxMDkxMDIwMjRaGA8yMTAwMDEwMTEwMjAyNFowJzELMAkGA1UEBhMCVVMxGDAW | ||
| BgNVBAMMD0V4YW1wbGUtUm9vdC1DQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC | ||
| AQoCggEBAL7K7lF5lXLunkNNI1ieuOgWyASA4fLNGxoGmZznwHCS3qVO2OmULy1Z | ||
| tKYCDZdQLRfc1GRR+PepbU5XVZUSm0k3VRVgT6FXrml6WVIISfjti18tZeybQzpt | ||
| c1HnnZk4prsq+pbckiCzFisg1xpG3CxyJUzrq010rKt1LGAeP32L0rI0yBBe08U6 | ||
| fSbX3kyGTl6bf3OIhpMVmg9VNB2LZm+FgEUG4OUpRT0yMk7Al+IxFt/R2TndfIhd | ||
| ZHu4t/lJLqHzfFyvM6XVEThP8y5eJ9dF0Oz6jUcNC45Tw6t9ubOGnwBriWkgLtw9 | ||
| 4VK0XwK4tRvVQgptd2xro/sHFW14Sa0CAwEAAaNTMFEwHQYDVR0OBBYEFMcoPooE | ||
| TZGmQ44FaE298f3LsrBDMB8GA1UdIwQYMBaAFMcoPooETZGmQ44FaE298f3LsrBD | ||
| MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAGBnpnV8NoGoz8sF | ||
| IjEFwF76rfYT/NhYEE5SV9zOGE5kgbFh1N1+lAlcFpULsxXm+6ULnMZbrKGTDCKS | ||
| tD7XhPqTP5DHjxyXvD4VTZVgQ8NAUtttM+w8vdjIIHGHoQkdCo5QpGxqGZhlRCnM | ||
| HFQwmeXFKalln4qfgpkBA92K8H2eK/7ZhnnAGh/bclgOV7KOknV/hs7cBuwYIHVP | ||
| c7UCSyUMSkhujCysjRw5zjLiSM6bO8XFrVt0hOxZhV91mHXsIFZ2MopVIO4vPBHJ | ||
| q1z2XTu49XOrY4+N+7Sk37wImjfE5BD+U3GTw2QfoFO4EHd2JvvfoqS6Q5BtQ1lp | ||
| 6OZswbA= | ||
| -----END CERTIFICATE----- |
3 changes: 3 additions & 0 deletions
3
doc/code_snippets/snippets/replication/instances.enabled/ssl/certs/ssl_passwords.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| qwerty | ||
| 123456 | ||
| topsecret |
59 changes: 59 additions & 0 deletions
59
doc/code_snippets/snippets/replication/instances.enabled/ssl/config.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| credentials: | ||
| users: | ||
| admin: | ||
| password: 'topsecret' | ||
| roles: [ super ] | ||
| replicator: | ||
| password: 'topsecret' | ||
| roles: [replication] | ||
|
|
||
| iproto: | ||
| advertise: | ||
| peer: | ||
| login: replicator | ||
|
|
||
| replication: | ||
| failover: manual | ||
|
|
||
| groups: | ||
| group001: | ||
| replicasets: | ||
| replicaset001: | ||
| leader: instance001 | ||
| instances: | ||
| instance001: | ||
| iproto: | ||
| listen: | ||
| - uri: '127.0.0.1:3301' | ||
| params: | ||
| transport: 'ssl' | ||
| ssl_ca_file: 'certs/root_ca.crt' | ||
| ssl_cert_file: 'certs/instance001/server001.crt' | ||
| ssl_key_file: 'certs/instance001/server001.key' | ||
| ssl_password: 'qwerty' | ||
| ssl_ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256' | ||
| instance002: | ||
| iproto: | ||
| listen: | ||
| - uri: '127.0.0.1:3302' | ||
| params: | ||
| transport: 'ssl' | ||
| ssl_ca_file: 'certs/root_ca.crt' | ||
| ssl_cert_file: 'certs/instance002/server002.crt' | ||
| ssl_key_file: 'certs/instance002/server002.key' | ||
| ssl_password_file: 'certs/ssl_passwords.txt' | ||
| ssl_ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256' | ||
| instance003: | ||
| iproto: | ||
| listen: | ||
| - uri: '127.0.0.1:3303' | ||
| params: | ||
| transport: 'ssl' | ||
| ssl_ca_file: 'certs/root_ca.crt' | ||
| ssl_cert_file: 'certs/instance003/server003.crt' | ||
| ssl_key_file: 'certs/instance003/server003.key' | ||
| ssl_password_file: 'certs/ssl_passwords.txt' | ||
| ssl_ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256' | ||
|
|
||
| app: | ||
| file: 'myapp.lua' |
3 changes: 3 additions & 0 deletions
3
doc/code_snippets/snippets/replication/instances.enabled/ssl/instances.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| instance001: | ||
| instance002: | ||
| instance003: |
10 changes: 10 additions & 0 deletions
10
doc/code_snippets/snippets/replication/instances.enabled/ssl/myapp.lua
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| function connect() | ||
| local connection = require('net.box').connect({ | ||
| uri = 'admin:[email protected]:3301', | ||
| params = { transport = 'ssl', | ||
| ssl_cert_file = 'certs/instance001/server001.crt', | ||
| ssl_key_file = 'certs/instance001/server001.key', | ||
| ssl_password = 'qwerty' } | ||
| }) | ||
| return connection | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.