To configure ClustrixDB to use encrypted connections:
Create keys and certificates (using your choice of method) and copy them as the root user to every node:
shell> scp server-cert.pem [email protected]:/data/clustrix shell> scp server-key.pem [email protected]:/data/clustrix
On each node, transfer ownership of those files to the clxd user:
shell> sudo chown clxd server-*.pem
Certificates and keys must be in the same location on every node.
Configure ClustrixDB to use these certificates, keys, and SSL:
sql> SET GLOBAL ssl_cert = '/data/clustrix/server-cert.pem';
ALTER CLUSTER RELOAD SSL validates the location of the certificates and keys. If this command fails, the clustrix.log may include more detail.