Updated on 2024-10-08 GMT+08:00

Configuring an SSL Connection

Secure Socket Layer (SSL) is an encryption-based Internet security protocol for establishing an encrypted link between a server and a client. It provides privacy, authentication, and integrity to Internet communications.

  • Authenticates users and servers, ensuring that data is sent to the correct clients and servers.
  • Encrypts data to prevent it from being intercepted during transfer.
  • Ensures data integrity during transmission.

After SSL is enabled, you can establish an encrypted connection between your client and the instance you want to access to improve data security.

Precautions

  • After you enable or disable SSL, the established connection is interrupted. Restart the instance to apply the change.
  • Enabling SSL will prolong network connection response and increase CPU usage. So, evaluate impacts on service performance before enabling SSL.
  • The SSL function provided by GeminiDB Cassandra supports only TLS 1.3 or later.

Enabling SSL

  1. Log in to the GeminiDB console.
  2. In the service list, choose Databases > GeminiDB Cassandra API.
  3. On the Instances page, click the target instance.
  4. In the DB Information area, click to enable SSL.

    Figure 1 Enabling SSL

    Alternatively, choose Connections in the navigation pane on the left. In the Basic Information area, click in the SSL field to enable SSL.

    Figure 2 Enabling SSL

    After SSL is enabled, you can connect to the GeminiDB Cassandra instance through SSL. For details, see SSL.

Disabling SSL

  1. Log in to the GeminiDB console.
  2. In the service list, choose Databases > GeminiDB Cassandra API.
  3. On the Instances page, click the target instance.
  4. In the DB Information area, click to disable SSL.

    Figure 3 Disabling SSL

    Alternatively, choose Connections in the navigation pane on the left. In the Basic Information area, click in the SSL field to disable SSL.

    Figure 4 Disabling SSL

    After SSL is disabled, you can connect to the GeminiDB Cassandra instance over a non-SSL connection. For details, see Non-SSL Connection.