Sign inTry Free

Configuring SingleStore for Secure Connections

It’s important to note that enabling secure connections between the client and the SingleStore cluster is separate from enabling secure connections between nodes inside the SingleStore cluster itself. To configure the SingleStore cluster to use secure connections, see either:

To configure your client to use secure connections, see Server Configuration for Secure Client Connections.

Note

When configuring SSL in SingleStore, you should specify an absolute path (/path/to/files) to your files. If you specify a relative path (./path/to/files), SingleStore first looks for the path relative to the location of the memsql.cnf file. If the path is not found there, SingleStore looks for the path relative to the current working directory. If neither of those paths work, the operation fails.

Warning

Do not place your SSL certificates in the SingleStore installation directory as that directory is subject to change during upgrades.

Last modified: April 3, 2023

Was this article helpful?

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK