TLS Options Documentation Not Working with v20.03.1 #5350

darkn3rd · 2020-05-02T18:16:47Z

Documentation

The documentation for TLS Options does not work in curent version v20.03.1

Specifically this no longer works:

# Now, connect to server using TLS
$ dgraph live --tls_dir tls -s 21million.schema -f 21million.rdf.gz

Workaround

The correct command depends on how the certificate was setup, and also the host that the service is running on. I was able to get it working with this:

dgraph live \
  --tls_cacert ./tls/ca.crt \
  --tls_cert ./tls/client.user.crt \
  --tls_key ./tls/client.user.key \
  --tls_server_name "$(hostname -f)" \
  -s 21million.schema \
  -f 21million.rdf.gz

I setup my environment with this:

curl -sSf https://get.dgraph.io | VERSION="v20.03.1" bash
dgraph cert
dgraph cert -n $(hostname -f)
dgraph cert -c user
dgraph zero --my="$(hostname -f):5080" --idx 1
dgraph alpha --my=$(hostname -f):7080 \
 --zero $(hostname -f):5080 \
  --lru_mb 2048 \
  --tls_dir=./tls \
  --tls_client_auth=REQUIREANDVERIFY

darkn3rd · 2020-05-07T00:47:22Z

I was hoping an engineer could look at this, verify if this was a feature at all. But in mean time editing documentation to show another path.

gumupaier · 2020-06-24T05:45:55Z

I had the same problem,

Error: unknown flag: --tls_dir

darkn3rd added kind/bug area/documentation status/accepted labels May 2, 2020

darkn3rd mentioned this issue May 6, 2020

mTLS/TLS documentation fixes #5382

Merged

May	JUN	Jul
	27
2019	2020	2021

dgraph-io / dgraph

TLS Options Documentation Not Working with v20.03.1 #5350

TLS Options Documentation Not Working with v20.03.1 #5350

darkn3rd commented May 2, 2020

darkn3rd commented May 7, 2020

gumupaier commented Jun 24, 2020

dgraph-io / dgraph

Join GitHub today

TLS Options Documentation Not Working with v20.03.1 #5350

TLS Options Documentation Not Working with v20.03.1 #5350

Comments

darkn3rd commented May 2, 2020

Documentation

Workaround

darkn3rd commented May 7, 2020

gumupaier commented Jun 24, 2020