vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dws/umn/dws_01_0076.html
Lu, Huayi c5fcb46315 DWS UMN 801 version 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Lu, Huayi <luhuayi@huawei.com>
Co-committed-by: Lu, Huayi <luhuayi@huawei.com>
2022-12-13 12:47:57 +00:00

195 lines
26 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0000001134400700"></a><a name="EN-US_TOPIC_0000001134400700"></a>
<h1 class="topictitle1">(Optional) Configuring SSL Connection</h1>
<div id="body1508830159190"><p id="EN-US_TOPIC_0000001134400700__p14226169125414">GaussDB(DWS) supports connections in SSL authentication mode so that data transmitted between the GaussDB(DWS) client and the database can be encrypted. The SSL mode delivers higher security than the common mode. By default, the SSL function is enabled in a cluster to allow SSL or non-SSL connections from the client. For security purposes, you are advised to enable SSL connection. If you want to use SSL connection, enable <strong id="EN-US_TOPIC_0000001134400700__b113836712841515">Require SSL Connection</strong> for the cluster.</p>
<p id="EN-US_TOPIC_0000001134400700__p833892918163">On the <strong id="EN-US_TOPIC_0000001134400700__b13422154620467">Security Settings</strong> page of the cluster, you can enable or disable <strong id="EN-US_TOPIC_0000001134400700__b9423546184613">Require SSL Connection</strong>.</p>
<div class="note" id="EN-US_TOPIC_0000001134400700__note1039751112519"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="EN-US_TOPIC_0000001134400700__ul1409159214"><li id="EN-US_TOPIC_0000001134400700__li1840181515216">After you have changed the security setting parameters and the settings take effect, the cluster may be restarted, which makes the cluster unavailable temporarily.</li><li id="EN-US_TOPIC_0000001134400700__li823513173210">To modify the cluster's security configuration, ensure that the following conditions are met:<ul id="EN-US_TOPIC_0000001134400700__ul158226346221"><li id="EN-US_TOPIC_0000001134400700__l8ef1eb822c604b2ea2f964115be39fde">The cluster status is <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__parmvalue175476545941515"><b>Available</b></span> or <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__parmvalue25313942341515"><b>Unbalanced</b></span>.</li><li id="EN-US_TOPIC_0000001134400700__lc6aa42a6117945f0b6d431dd79399c9a">The value of <strong id="EN-US_TOPIC_0000001134400700__b104372818471">Task Information</strong> cannot be <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__parmvalue343828114710"><b>Creating snapshot</b></span>, <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__pe579ce63ff8b471b88104f99b05025fa"><b>Resizing</b></span>, <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__pecfe084eaa714769a86829a61b9635e1"><b>Configuring</b></span>, or <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__p87cd9278c2ae47bbaaf4515c50327e83"><b>Restarting</b></span>.</li></ul>
</li></ul>
</div></div>
<p id="EN-US_TOPIC_0000001134400700__p83005275335">The following parts are included in this section:</p>
<ul id="EN-US_TOPIC_0000001134400700__ul167134481333"><li id="EN-US_TOPIC_0000001134400700__li182316245114"><a href="#EN-US_TOPIC_0000001134400700__section478703071283">Configuring SSL Connection</a></li><li id="EN-US_TOPIC_0000001134400700__li106476529337"><a href="#EN-US_TOPIC_0000001134400700__section1916311515557">Combinations of SSL Connection Parameters on the Client and Server</a></li></ul>
<div class="section" id="EN-US_TOPIC_0000001134400700__section478703071283"><a name="EN-US_TOPIC_0000001134400700__section478703071283"></a><a name="section478703071283"></a><h4 class="sectiontitle">Configuring SSL Connection</h4><ol id="EN-US_TOPIC_0000001134400700__ol5210990412816"><li id="EN-US_TOPIC_0000001134400700__li1530416288104"><span>Log in to the GaussDB(DWS) management console.</span></li><li id="EN-US_TOPIC_0000001134400700__li5247206216936"><span>In the navigation pane on the left, click <span class="uicontrol" id="EN-US_TOPIC_0000001134400700__uicontrol913294922103638"><b>Clusters</b></span>.</span></li><li id="EN-US_TOPIC_0000001134400700__li56042532161016"><span>In the cluster list, click the name of a cluster. On the page that is displayed, click <span class="uicontrol" id="EN-US_TOPIC_0000001134400700__ufa023c1c93dc49e9aacc8696bea743b2"><b>Security Settings</b></span>.</span><p><p id="EN-US_TOPIC_0000001134400700__ac0d0b87f55034b0ba360a07b48ffcf55">By default, <span class="parmname" id="EN-US_TOPIC_0000001134400700__p0a207d2946b346ed84f5735b04f1023b"><b>Configuration Status</b></span> is set to <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__p7ed7279f92d64cb6af627d806d546d5d"><b>Synchronized</b></span>, which indicates that the latest database result is displayed.</p>
</p></li><li id="EN-US_TOPIC_0000001134400700__li59328012161810"><span>In the <strong id="EN-US_TOPIC_0000001134400700__b106789262553">SSL Connection</strong> area, enable <strong id="EN-US_TOPIC_0000001134400700__b17678132665510">Require SSL Connection</strong> (recommended).</span><p><p id="EN-US_TOPIC_0000001134400700__p17861112511383"><span><img id="EN-US_TOPIC_0000001134400700__image1686142515387" src="figure/en-us_image_0000001180320287.png"></span> indicates that the server requires SSL connection.</p>
<p id="EN-US_TOPIC_0000001134400700__p60986178161812"><span><img id="EN-US_TOPIC_0000001134400700__image71071635394" src="figure/en-us_image_0000001180440227.jpg"></span> indicates that no SSL connection is required (default).</p>
<div class="fignone" id="EN-US_TOPIC_0000001134400700__fig624582833812"><span class="figcap"><b>Figure 1 </b>SSL connection</span><br><span><img id="EN-US_TOPIC_0000001134400700__image98201910131117" src="figure/en-us_image_0000001134400860.png" width="NaN" height="NaN"></span></div>
<div class="note" id="EN-US_TOPIC_0000001134400700__note64139718145559"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="EN-US_TOPIC_0000001134400700__ul19613088145617"><li id="EN-US_TOPIC_0000001134400700__li33828191145617">If the gsql client or ODBC driver provided by GaussDB(DWS) is used, GaussDB(DWS) supports the TLSv1.2 SSL protocol.</li><li id="EN-US_TOPIC_0000001134400700__li3165030415129">If the JDBC driver provided by GaussDB(DWS) is used, GaussDB(DWS) supports SSL protocols, such as SSLv3, TLSv1, TLSv1.1, and TLSv1.2. The SSL protocol used between the client and the database depends on the Java Development Kit (JDK) version used by the client. Generally, JDK supports multiple SSL protocols.</li></ul>
</div></div>
</p></li><li id="EN-US_TOPIC_0000001134400700__li35286469121055"><span>Click <span class="uicontrol" id="EN-US_TOPIC_0000001134400700__uicontrol8004311455"><b>Apply</b></span>.</span><p><p id="EN-US_TOPIC_0000001134400700__p1937164185618">The system automatically saves the SSL connection settings. On the <span class="wintitle" id="EN-US_TOPIC_0000001134400700__wintitle7493450105820"><b>Security Settings</b></span> page, <span class="parmname" id="EN-US_TOPIC_0000001134400700__parmname1849319501589"><b>Configuration Status</b></span> is <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__parmvalue777916172599"><b>Applying</b></span>. After <span class="parmname" id="EN-US_TOPIC_0000001134400700__parmname4474164434418"><b>Configuration Status</b></span> changes to <span class="parmvalue" id="EN-US_TOPIC_0000001134400700__parmvalue7474644114420"><b>Synchronized</b></span>, the settings have been saved and taken effect.</p>
</p></li></ol>
</div>
<div class="section" id="EN-US_TOPIC_0000001134400700__section1916311515557"><a name="EN-US_TOPIC_0000001134400700__section1916311515557"></a><a name="section1916311515557"></a><h4 class="sectiontitle">Combinations of SSL Connection Parameters on the Client and Server</h4><p id="EN-US_TOPIC_0000001134400700__p1526194203210">Whether the client uses the SSL encryption connection mode and whether to verify the server certificate depend on client parameter <strong id="EN-US_TOPIC_0000001134400700__b28518569313">sslmode</strong> and server (cluster) parameters <strong id="EN-US_TOPIC_0000001134400700__b26154246325">ssl</strong> and <strong id="EN-US_TOPIC_0000001134400700__b19707294326">require_ssl</strong>. The parameters are described as follows:</p>
<ul id="EN-US_TOPIC_0000001134400700__ul177312166196"><li id="EN-US_TOPIC_0000001134400700__li1773191610194"><strong id="EN-US_TOPIC_0000001134400700__b114451016153313">ssl (Server)</strong><div class="p" id="EN-US_TOPIC_0000001134400700__p164179316236">The <strong id="EN-US_TOPIC_0000001134400700__b379082683310">ssl</strong> parameter indicates whether to enable the SSL function. <strong id="EN-US_TOPIC_0000001134400700__b1025984118331">on</strong> indicates that the function is enabled, and <strong id="EN-US_TOPIC_0000001134400700__b1979044813312">off</strong> indicates that the function is disabled. <ul id="EN-US_TOPIC_0000001134400700__ul529216022315"><li id="EN-US_TOPIC_0000001134400700__li129250122317">The default value is <strong id="EN-US_TOPIC_0000001134400700__b1513462295719">on</strong> for clusters whose version is 1.3.1 or later, and you cannot set this parameter on the GaussDB(DWS) management console.</li><li id="EN-US_TOPIC_0000001134400700__li142923016233">For clusters whose version is earlier than 1.3.1, the default value is <strong id="EN-US_TOPIC_0000001134400700__b109371340103714">on</strong>. You can set this parameter in the <strong id="EN-US_TOPIC_0000001134400700__b1257710354574">SSL Connection</strong> area on the cluster's <strong id="EN-US_TOPIC_0000001134400700__b25774352573">Security Settings</strong> page of the GaussDB(DWS) management console.</li></ul>
</div>
</li><li id="EN-US_TOPIC_0000001134400700__li107621516191913"><strong id="EN-US_TOPIC_0000001134400700__b489162117399">require_ssl (Server)</strong><div class="p" id="EN-US_TOPIC_0000001134400700__p1560405532519">The <strong id="EN-US_TOPIC_0000001134400700__b174903815394">require_ssl</strong> parameter specifies whether the server forcibly requires SSL connection. This parameter is valid only when <strong id="EN-US_TOPIC_0000001134400700__b155348211409">ssl</strong> is set to <strong id="EN-US_TOPIC_0000001134400700__b101904534015">on</strong>. <strong id="EN-US_TOPIC_0000001134400700__b15960704016">on</strong> indicates that the server forcibly requires SSL connection. <strong id="EN-US_TOPIC_0000001134400700__b49887208409">off</strong> indicates that the server does not require SSL connection.<ul id="EN-US_TOPIC_0000001134400700__ul20651135316259"><li id="EN-US_TOPIC_0000001134400700__li46512533255">The default value is <strong id="EN-US_TOPIC_0000001134400700__b3984195965718">off</strong> for clusters whose version is 1.3.1 or later. You can set the <strong id="EN-US_TOPIC_0000001134400700__b103704814586">require_ssl</strong> parameter in the <strong id="EN-US_TOPIC_0000001134400700__b163764885816">Require SSL Connection</strong> area of the cluster's <strong id="EN-US_TOPIC_0000001134400700__b137619815585">Security Settings</strong> page on the GaussDB(DWS) management console.</li><li id="EN-US_TOPIC_0000001134400700__li1365115313257">For clusters whose version is earlier than 1.3.1, the default value is <strong id="EN-US_TOPIC_0000001134400700__b421104414412">off</strong>, and you cannot set this parameter on the GaussDB(DWS) management console.</li></ul>
</div>
</li><li id="EN-US_TOPIC_0000001134400700__li1074719161195"><strong id="EN-US_TOPIC_0000001134400700__b0427614194218">sslmode (Client)</strong><div class="p" id="EN-US_TOPIC_0000001134400700__p16746241355">You can set this parameter in the SQL client tool.<ul id="EN-US_TOPIC_0000001134400700__ul145580017351"><li id="EN-US_TOPIC_0000001134400700__li55586010358">In the gsql command line client, this parameter is the <span class="parmname" id="EN-US_TOPIC_0000001134400700__parmname187121432144319"><b>PGSSLMODE</b></span> parameter.</li><li id="EN-US_TOPIC_0000001134400700__li1555814016356">On the Data Studio client, this parameter is the <span class="parmname" id="EN-US_TOPIC_0000001134400700__parmname466617519436"><b>SSL Mode</b></span> parameter.</li></ul>
</div>
</li></ul>
<p id="EN-US_TOPIC_0000001134400700__a181be4053b3847ccb4ccd1aebec3aae4">The combinations of client parameter <strong id="EN-US_TOPIC_0000001134400700__b4806111711442">sslmode</strong> and server parameters <strong id="EN-US_TOPIC_0000001134400700__b56341535204411">ssl</strong> and <strong id="EN-US_TOPIC_0000001134400700__b1024513407444">require_ssl</strong> are as follows.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0000001134400700__table15451139114317" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Combinations of SSL connection parameters on the client and server</caption><thead align="left"><tr id="EN-US_TOPIC_0000001134400700__r355add9c9a7f41bda915ac600dac576c"><th align="left" class="cellrowborder" valign="top" width="10.66%" id="mcps1.3.7.5.2.5.1.1"><p id="EN-US_TOPIC_0000001134400700__a7b70a0fb1cf54e2b9f5a848f2f620524"><strong id="EN-US_TOPIC_0000001134400700__b196519391394">ssl (Server)</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="14.85%" id="mcps1.3.7.5.2.5.1.2"><p id="EN-US_TOPIC_0000001134400700__af54a777133684c8d88584ba3c148d570"><strong id="EN-US_TOPIC_0000001134400700__b129116421913">sslmode (Client)</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.119999999999997%" id="mcps1.3.7.5.2.5.1.3"><p id="EN-US_TOPIC_0000001134400700__a4f4b48b5c8c94c01ba3cebcd3f604899"><strong id="EN-US_TOPIC_0000001134400700__b71667441493">require_ssl (Server)</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="57.37%" id="mcps1.3.7.5.2.5.1.4"><p id="EN-US_TOPIC_0000001134400700__a8b5c97f6e3eb452c938c6a2cff74c38f"><strong id="EN-US_TOPIC_0000001134400700__b8854114510917">Result</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0000001134400700__r62ddf2bbc75b4079b1a2ec62f0692d6b"><td class="cellrowborder" rowspan="10" valign="top" width="10.66%" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a3e78fc2918b34a6f8a717dde92f3fc2a">on</p>
</td>
<td class="cellrowborder" valign="top" width="14.85%" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a33fee70f27ae4b91a31daa855b8ed9a0">disable</p>
</td>
<td class="cellrowborder" valign="top" width="17.119999999999997%" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a8e8d0be8175d47918d0829af2781e983">on</p>
</td>
<td class="cellrowborder" valign="top" width="57.37%" headers="mcps1.3.7.5.2.5.1.4 "><p id="EN-US_TOPIC_0000001134400700__adabec5d250d2412bb0eeca24199da945">The server requires SSL, but the client disables SSL for the connection. As a result, the connection cannot be set up.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rd1415aba4c6141cc8d4a9d9ee74dc80d"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a25f23ee3007f4fcc9044b75afd7c9954">disable</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a665fb82ed5de4de09ea9be0553daedab">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a86de0a2f9a5049c083cfd07ec10153a1">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r9eb0e52c41d74b10b9c2c0b486f513dd"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a7131377f60394c7a9e3b19c6171dd019">allow</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__af9962f4ead2a4f158e2028064e8fa4ef">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__ab8d0f618c92a4140a9c1d9eae41b8ae9">The connection is encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r647075f1e10c4c198317ecd0b83aca5c"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__aa0eee6d2caa049709669990d5430ebb7">allow</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__ad4739683696e4954afad8c5bcc52901c">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__ab4c8bb6ca01a4bd5bbae27bc36e0788d">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r19c24691a02e4d328d0bd356da8767d5"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__aa9cb9ff881e9432683e93016dd10b6da">prefer</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a480653a387d44a67a72fc6ccfa586eee">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a4bda372df21844e5b891ae07b3acefe6">The connection is encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__racc4977e5ce341e79fb08358ab9b8c2d"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a4891f1b8e4c744c3b1c2358f1b6b70a1">prefer</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a9422603a15e14af08884d086d5fb18b5">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a128e4e83906246a08e3ca36a1c737b49">The connection is encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r15f4c4a8ebb14afbafa099d85ef39298"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a9a9746a997944cee8349e6751c5e7099">require</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a51a659efccb84491b56a756c7213fc33">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__ad1da2821861d4f74807b2a231d74f776">The connection is encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__re3cb0b7aa7d147e8b9cddc4f8772e588"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a3ee91e2d35d447abaaa654fdfb2c1cda">require</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a2417da5d11b34e6eb22c5e23abd964a8">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__af733535d0a3547708898d100034ead60">The connection is encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r6ad7de0dd0c14d2a9da79957f8e88a0c"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a7248e51cabc84b38927a8523b6f21137">verify-ca</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__ad1897b8a87a94fd69a4f1140c5898813">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a74366920fd6447d49377258bf6b1b264">The connection is encrypted and the server certificate is verified.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rc33abe03abec4a2a8f57d3d3a64d7be3"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a80805b432a4f4eea8cc86766f78b2d15">verify-ca</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a483b735d07a04335a08e3cab6f92a97a">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a264a3332f3944e9a9f2b34db9b345b21">The connection is encrypted and the server certificate is verified.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rf72d3e2843934cd9b8dd59548cd3be1c"><td class="cellrowborder" rowspan="10" valign="top" width="10.66%" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a217430f24485439393825ecceec13e0c">off</p>
</td>
<td class="cellrowborder" valign="top" width="14.85%" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a07fb6a03fd5a4007bd85a6328c4a9c6b">disable</p>
</td>
<td class="cellrowborder" valign="top" width="17.119999999999997%" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a6034b6a1a82a4d9e8e789e5d34d2d8b2">on</p>
</td>
<td class="cellrowborder" valign="top" width="57.37%" headers="mcps1.3.7.5.2.5.1.4 "><p id="EN-US_TOPIC_0000001134400700__a9e933492038b455a9d32758cb7933c32">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__re61e3ac813784038a929a41f4575f52f"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a889b21370a404bd4858140173ed02376">disable</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a6b83c26f620f403b8c575243b1f75513">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a078607c627c640079c7072c634fc362d">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r954d308f6bd043beb3ea0ef02ce60721"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a1c8ac46fc0c24cf68ce77d2a7f60c7e1">allow</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__abe34e8f39ad24a4ea9a2649d00bb8ec9">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__afa8a5bb9f3114e43bcb5fa9b0e68faad">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rad2d9b9a419042599a3742e0f4c64b9f"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__aa1db3dde5ffe46f29bf2ac88e0af8528">allow</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a18671a2e86c24c9093ecc0f070d5cec7">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a23067107fce2405899e18da68f250634">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rbe2f3d97ccda4da7a94bd8aaea8c7c36"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a9f5bd8414de046b9b2ee868314e3bd58">prefer</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a44de2784e3c94135a54e65e76e0c54cc">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a54497bbf08d647738ef678f5616489a5">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rb3edfcc877a940968323e421099419d4"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__ab3790c4c627447d5badb67c8688913dc">prefer</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__af831647acfb845f6a9e4cd4aa95c295b">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a5f855c85aade49e8a36bf05255ed55f6">The connection is not encrypted.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r2632f81144f9406a87a2cc6c89011d82"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__ac35bbd9317c9416ab238cc122ce97d47">require</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a6e6e3cfa03d64e4abf4fc3995ae646f3">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__adfac91a6ac2246b0bb27b06c636dc232">The client requires SSL, but SSL is disabled on the server. Therefore, the connection cannot be set up.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__r1e457ea33fec4cac9e77887ffdf27622"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a29780e72f6c34caf8d1e89edd7a3dd19">require</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__a7a2cd8bc207c4849964f69d1c05d898b">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a1053e4dc3c5c4c5885d7c49c82a21623">The client requires SSL, but SSL is disabled on the server. Therefore, the connection cannot be set up.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rf8ca62c481a3440d96e3be781d3c3da8"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a29a9174257c84b0e97d85d9bc7467bac">verify-ca</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__aaea7b0943815449085e4317001a96c5b">on</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a6fe94346112f44d99e3509134ee3bc6d">The client requires SSL, but SSL is disabled on the server. Therefore, the connection cannot be set up.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0000001134400700__rb81f0e36ee9b4433a08a6df14f302ff9"><td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.1 "><p id="EN-US_TOPIC_0000001134400700__a04d6064a2900404dbefd08bc70081503">verify-ca</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.2 "><p id="EN-US_TOPIC_0000001134400700__aa46206d00ff042dcb6e3054447adaa5c">off</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.5.2.5.1.3 "><p id="EN-US_TOPIC_0000001134400700__a3974806634b94ce49ae43e69f48fa246">The client requires SSL, but SSL is disabled on the server. Therefore, the connection cannot be set up.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_01_0093.html">Using the gsql CLI Client to Connect to a Cluster</a></div>
</div>
</div>
View Git Blame Copy Permalink