Configuring an SSL Connection
Scenarios
Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing an encrypted link between a server and a client. It provides privacy, authentication, and integrity to Internet communications.
- Authenticates users and servers, ensuring that data is sent to the correct clients and servers.
- Encrypts data to prevent it from being intercepted during transfer.
- Ensures data integrity during transmission.
After SSL is enabled, you can establish an encrypted connection between your client and the instance you want to access to improve data security.
Precautions
- To use SSL, contact customer service to apply for the required permissions.
- Enabling or disabling SSL will cause instances to restart. Exercise caution when performing this operation.
- If SSL is enabled, you can connect to a database using SSL to improve security.
Encryption algorithms that may have security risks are not allowed. Secure encryption algorithms and supported cipher suits are described Table 1.
Table 1 Secure encryption algorithms and supported cipher suits Version
TLS Version
Cipher Suite
4.0
TLS 1.2
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
The server where the client is located must support the corresponding TLS version and encryption algorithm suite. Otherwise, the connection fails.
- If SSL is disabled, you can connect to a database using an unencrypted connection.
Enabling SSL
- Log in to the management console.
- In the service list, choose Databases > GeminiDB Mongo API.
- On the Instances page, click the instance. The Basic Information page is displayed.
- In the DB Information area, click to enable the SSL toggle.
Alternatively, choose Connections in the navigation pane on the left. On the Basic Information page, click to enable the SSL toggle.
- In the displayed dialog box, click Yes.
- In the Basic Information area, view the results.
- After SSL is enabled, click next to SSL to download an SSL certificate.
For details about how to connect to an instance using an SSL connection, see SSL Connection.
Disabling SSL
- Log in to the management console.
- In the service list, choose Databases > GeminiDB Mongo API.
- On the Instance Management page, click the instance.
- In the DB Information area on the Basic Information page, click next to the SSL field.
Alternatively, in the navigation pane on the left, choose Connections. In the Basic Information area, click next to the SSL field.
- In the displayed dialog box, click Yes.
- In the Basic Information area, view the results.
- After SSL is disabled, you can connect to an instance using an unencrypted connection.
For details, see Non-SSL Connection.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot