Skip to content

Commit

Permalink
Add basic TLS configuration info to JDBC connector docs
Browse files Browse the repository at this point in the history
  • Loading branch information
jhlodin authored and hashhar committed Jan 21, 2022
1 parent 8c858b8 commit 5313c35
Show file tree
Hide file tree
Showing 6 changed files with 130 additions and 0 deletions.
21 changes: 21 additions & 0 deletions docs/src/main/sphinx/connector/clickhouse.rst
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,27 @@ appropriate for your setup:
connection-user=exampleuser
connection-password=examplepassword
.. _clickhouse-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

For example, with version 2.6.4 of the ClickHouse JDBC driver, enable TLS by
appending the ``ssl=true`` parameter to the ``connection-url`` configuration
property:

.. code-block:: properties
connection-url=jdbc:clickhouse://host1:8123/?ssl=true
For more information on TLS configuration options, see the `Clickhouse JDBC
driver documentation <https://clickhouse.com/docs/en/interfaces/jdbc/>`_

Multiple ClickHouse servers
^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down
20 changes: 20 additions & 0 deletions docs/src/main/sphinx/connector/memsql.rst
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,26 @@ connection properties as appropriate for your setup:
connection-user=root
connection-password=secret
.. _singlestore-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

Enable TLS between your cluster and SingleStore by appending the ``useSsl=true``
parameter to the ``connection-url`` configuration property:

.. code-block:: properties
connection-url=jdbc:mariadb://example.net:3306/?useSsl=true
For more information on TLS configuration options, see the `JDBC driver
documentation <https://mariadb.com/kb/en/about-mariadb-connector-j/#tls-parameters>`_.

Multiple SingleStore servers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down
26 changes: 26 additions & 0 deletions docs/src/main/sphinx/connector/mysql.rst
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,32 @@ determine the user credentials for the connection, often a service user. You can
use :doc:`secrets </security/secrets>` to avoid actual values in the catalog
properties files.

.. _mysql-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

For example, with version 8.0 of MySQL Connector/J, use the ``sslMode``
parameter to secure the connection with TLS. By default the parameter is set to
``PREFERRED`` which secures the connection if enabled by the server. You can
also set this parameter to ``REQUIRED`` which causes the connection to fail if
TLS is not established.

You can set the ``sslMode`` paremeter in the catalog configuration file by
appending it to the ``connection-url`` configuration property:

.. code-block:: properties
connection-url=jdbc:mysql://example.net:3306/?sslMode=REQUIRED
For more information on TLS configuration options, see the `MySQL JDBC security
documentation <https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-connp-props-security.html#cj-conn-prop_sslMode>`_.

Multiple MySQL servers
^^^^^^^^^^^^^^^^^^^^^^

Expand Down
21 changes: 21 additions & 0 deletions docs/src/main/sphinx/connector/postgresql.rst
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,27 @@ determine the user credentials for the connection, often a service user. You can
use :doc:`secrets </security/secrets>` to avoid actual values in the catalog
properties files.

.. _postgresql-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

For example, with version 42 of the PostgreSQL JDBC driver, enable TLS by
appending the ``ssl=true`` parameter to the ``connection-url`` configuration
property:

.. code-block:: properties
connection-url=jdbc:postgresql://example.net:5432/database?ssl=true
For more information on TLS configuration options, see the `PostgreSQL JDBC
driver documentation <https://jdbc.postgresql.org/documentation/head/connect.html>`_.

Multiple PostgreSQL databases or servers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down
22 changes: 22 additions & 0 deletions docs/src/main/sphinx/connector/redshift.rst
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,28 @@ connection properties as appropriate for your setup:
connection-user=root
connection-password=secret
.. _redshift-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

For example, on version 2.1 of the Redshift JDBC driver, TLS/SSL is enabled by
default with the ``SSL`` parameter. You can disable or further configure TLS
by appending parameters to the ``connection-url`` configuration property:

.. code-block:: properties
connection-url=jdbc:redshift://example.net:5439/database;SSL=TRUE;
For more information on TLS configuration options, see the `Redshift JDBC driver
documentation
<https://docs.aws.amazon.com/redshift/latest/mgmt/jdbc20-configuration-options.html#jdbc20-ssl-option>`_.

Multiple Redshift databases or clusters
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down
20 changes: 20 additions & 0 deletions docs/src/main/sphinx/connector/sqlserver.rst
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,26 @@ determine the user credentials for the connection, often a service user. You can
use :doc:`secrets </security/secrets>` to avoid actual values in the catalog
properties files.

.. _sqlserver-tls:

Connection security
^^^^^^^^^^^^^^^^^^^

If you have TLS configured with a globally-trusted certificate installed on your
data source, you can enable TLS between your cluster and the data
source by appending a parameter to the JDBC connection string set in the
``connection-url`` catalog configuration property.

For example, with the JDBC driver for SQL Server 2019, enable TLS by appending
the ``encrypt=true`` parameter to the ``connection-url`` configuration property:

.. code-block:: properties
connection-url=jdbc:sqlserver://<host>:<port>;database=<database>;encrypt=true
For more information on TLS configuration options, see the `SQL Server JDBC
driver documentation <https://docs.microsoft.com/en-us/sql/connect/jdbc/building-the-connection-url>`_.

Multiple SQL Server databases or servers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Expand Down

0 comments on commit 5313c35

Please sign in to comment.