{question}
How do we verify if the TLS/SSL connection is enabled and the cluster is secure?
{question}
{answer}
SingleStore DB supports secure connections over SSL. The configuration is compatible with MySQL's SSL features, including the standard client and drivers. The SSL library used is OpenSSL. Click here to learn about configuring SSL. In this article, we are going to discuss verifying the SSL connection,
Verify the SSL connection:
Check that you can connect with SSL to your Studio host using a designated name:
openssl s_client -verify_hostname studio.sdbcluster.org -connect studio.sdbcluster.org:8080
Check that you can connect with SSL to the SingleStore cluster (note: older versions of OpenSSL may not support this):
openssl s_client -connect YOUR_AGGREGATOR:3306 -starttls mysql
For an Intra-Cluster communication check, you should add the CA file to the test:
openssl s_client -connect YOUR_AGGREGATOR:3306 -CAfile /etc/memsql/ca-cert.pem -starttls mysql
Links related to SSL
Troubleshooting SSL
SSL and TLS Deployment Best Practices
Configuring SingleStoreDB for Secure Connections
{answer}