configuration - allow setting CA for self-signed cert #14
Comments
|
Interesting. I'll take a look. Just to make sure, is https://github.com/arangodb/arangojs/blob/a993de1afb3a39824870990c5f1ee9248a4fb3a6/README.md#nodejs-with-self-signed-https-certificates the JS equivalent? If so, I think the go-driver is limited here. I don't see a way to make it take a self-signed cert. |
|
correct, that's the JS equivalent
I don't know Go, but judging by this: https://www.arangodb.com/docs/stable/drivers/go-connection-management.html#secure-connections-ssl conn, err := http.NewConnection(http.ConnectionConfig{
Endpoints: []string{"https://localhost:8529"},
TLSConfig: &tls.Config{InsecureSkipVerify: true},
})https://pkg.go.dev/github.com/arangodb/go-driver/http#ConnectionConfig // TLSConfig holds settings used to configure a TLS (HTTPS) connection.
// This is only used for endpoints using the HTTPS scheme.
TLSConfig *tls.Confighttps://golang.org/pkg/crypto/tls/#Config // RootCAs defines the set of root certificate authorities
// that clients use when verifying server certificates.
// If RootCAs is nil, TLS uses the host's root CA set.
RootCAs *x509.CertPoolI believe it should be possible either way, we've switched from arangomigo to something else in the meantime |
|
Unfortunately, I'm also not able to use arangomingo if I can't supply a custom TLSConfig or, maybe even better, use a client from the official ArangoDB driver |
|
Addressed in #24 |
By default kube-arango generates a self signed certificate.
The arango javascript driver allows setting CA, but arangomigo doesn't. Means we can't run migrations against arango deployed this way.
https://www.arangodb.com/docs/stable/drivers/js-reference-database.html#new-database
The text was updated successfully, but these errors were encountered: