Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Allow SSL parameters to be passed directly
See original GitHub issueRight now certain SSL parameters like sslcert, sslidentity etc require you to pass a file path. This is not ideal in many places you can read these parameters from the environment.
So we need to allow people to pass them directly to the connection string.
Issue Analytics
- State:
- Created 4 years ago
- Reactions:8
- Comments:8 (2 by maintainers)
Top Results From Across the Web
Configuring a client for SSL connections - IBM
Configure an ESQL/C, ODBC, DB-Access, dbexport, dbimport, dbschema, or dbload database client by adding connection information to the sqlhosts file, setting SSL ......
Read more >9 Configuring SSL Authentication - Oracle Help Center
Set the required SSL version (optional). Do this by setting the SSL_VERSION parameter. This parameter determines which version of SSL must be running...
Read more >Configuring HTTPS servers - Nginx.org
To configure an HTTPS server, the ssl parameter must be enabled on listening sockets in the server block, and the locations of the...
Read more >Setting Parameters for SSL Termination | ActivID CMS
This specifies what kind of information is included in the HTTP header: either a subject string directly or a certificate image. The format...
Read more >What happens in a TLS handshake? | SSL ... - Cloudflare
TLS 1.3 does not support RSA, nor other cipher suites and parameters that are vulnerable to attack. It also shortens the TLS handshake,...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I am really not sure but main use case here is on some serverless services, you can’t really can’t have the p12 file and you will need to read it from secret: https://github.com/vercel/vercel/issues/749#issuecomment-533873759. Issue on our repository about it: https://github.com/prisma/prisma/issues/1673
In most libraries you can read from the environment and pass it. So for example in this Rust crate: https://docs.rs/postgres-native-tls/0.3.0/postgres_native_tls/ which I believe we use in quaint you can just call
std::envand pass the certificate.So we need a way to pass the certificate as string.
@callumlocke I actually used this exact approach on Vercel to deploy Umami (https://github.com/mikecao/umami/issues/880) last year. I based my solution on https://github.com/prisma/prisma/issues/1673#issuecomment-647107891.
However, I recently tried redeploying Umami on Vercel and did not need to do anything special.