Managing TLS Security

TLS security is controlled by the "ssl" property in the nuoadmin.conf file; its value can either be "true" (TLS support is enabled) or "false" (TLS support is disabled). For more information on nuoadmin.conf properties, see Configuring NuoDB Admin.

You may edit the "ssl" value in the nuoadmin.conf file by hand, or TLS security settings can also be managed using the NuoDB Admin service control script.

If TLS security is enabled the NuoDB Admin Process cannot start until keys have been created, see Enabling TLS Encryption

On Linux systems, the NuoDB Admin service control script is $NUODB_HOME/etc/nuoadmin where $NUODB_HOME is the location of the NuoDB installation (for RPM and DEB packages it is /opt/nuodb; for TAR packages it is wherever the package was extracted).

On Windows systems, the NuoDB Admin service control script is %NUODB_HOME%\etc\nuoadmin.bat where %NUODB_HOME% is the location of the NuoDB installation (for EXE packages it defaults to C:\Program Files\NuoDB; for ZIP packages it is wherever the package was extracted). The interface on Windows is the same; replace $NUODB_HOME/etc/nuoadmin in the following commands with %NUODB_HOME%\etc\nuoadmin.bat.

For these changes to take effect, you must restart the domain being managed by NuoDB Admin.

Checking the State of TLS Support

To determine the state of TLS support, run:

$NUODB_HOME/etc/nuoadmin tls status
This shows the current setting of TLS in the nuoadmin.conf file; it may not match the configuration of a running NuoDB Admin Process.

Enabling TLS Support

To enable TLS support the nuoadmin.conf file, run:

$NUODB_HOME/etc/nuoadmin tls enable

Disabling TLS Support

To disable TLS support in the nuoadmin.conf file, run:

$NUODB_HOME/etc/nuoadmin tls disable