mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-22 15:42:02 +00:00
19 lines
1.1 KiB
XML
19 lines
1.1 KiB
XML
|
<?xml version="1.0"?>
|
||
|
<yandex>
|
||
|
<!-- Used with https_port and tcp_port_secure. Full ssl options list: https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h#L71 -->
|
||
|
<openSSL>
|
||
|
<server> <!-- Used for https server AND secure tcp port -->
|
||
|
<!-- openssl req -subj "/CN=localhost" -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout /etc/clickhouse-server/server.key -out /etc/clickhouse-server/server.crt -->
|
||
|
<certificateFile>/etc/clickhouse-server/config.d/server.crt</certificateFile>
|
||
|
<privateKeyFile>/etc/clickhouse-server/config.d/server.key</privateKeyFile>
|
||
|
<!-- openssl dhparam -out /etc/clickhouse-server/dhparam.pem 4096 -->
|
||
|
<dhParamsFile>/etc/clickhouse-server/config.d/dhparam.pem</dhParamsFile>
|
||
|
<verificationMode>none</verificationMode>
|
||
|
<loadDefaultCAFile>true</loadDefaultCAFile>
|
||
|
<cacheSessions>true</cacheSessions>
|
||
|
<disableProtocols>sslv2,sslv3</disableProtocols>
|
||
|
<preferServerCiphers>true</preferServerCiphers>
|
||
|
</server>
|
||
|
</openSSL>
|
||
|
</yandex>
|