2
Using Let's Encrypt's Certbot SSL-Certificates with ArangoDB
source link: https://gist.github.com/RienNeVaPlus/b351f49adef9ebf5928f09299dbe26f1
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Using Let's Encrypt's Certbot Certificates with ArangoDB
Let's Encrypt generates SSL certificates for free.
Follow these steps to create and use an SSL certificate with ArangoDB.
1. Install the Certbot from LetsEncrypt (Certbot instructions)
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
2. Generate the certificate
Run certbot and answer the prompted questions.
sudo certbot certonly
3. Create the certificate/key bundle required by ArangoDB
ArangoDB requires a single file containing the certificate chain as well as the private key.
cd /etc/letsencrypt/live/example.com # replace example.com with your domain
cat fullchain.pem privkey.pem > server.pem
4. Grant access to user arangodb
Make sure the ArangoDB user (usually arangodb
) can read the server.pem
and fullchain.pem
files.
chown -R arangodb:arangodb ./etc/letsencrypt/* # depending on your system
5. Configure ArangoDB to use the certificate
vi /etc/arangodb3/arangod.conf
A. Add the endpoint to the [server]
block
[server]
endpoint = ssl://example.com:8529
B. Create the [ssl]
block before any other block
[ssl]
cafile = /etc/letsencrypt/live/example.com/fullchain.pem
keyfile = /etc/letsencrypt/live/example.com/server.pem
C. Save & close
6. Restart the server
service arangodb3 restart
service arangodb3 status # make sure it's running
Related / sources:
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK