mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-14 19:45:11 +00:00
ffc1fca296
This allows starting and stopping separately each protocol server without restarting ClickHouse. This also allows adding or removing `listen_host` entries, which start and stops servers for all enabled ports. When stopping a server, the listening socket is immediately closed (and available for another server). Protocols with persistent connections try to wait for any currently running query to finish before closing the connection, but idle connection are closed quickly (depending on how often the protocol is polled). An extra ProfileEvent is added, `MainConfigLoads`, it is incremented every time the configuration is reloaded. This helps when trying to assess whether the new configuration was applied.
19 lines
1.1 KiB
XML
19 lines
1.1 KiB
XML
<?xml version="1.0"?>
|
|
<clickhouse>
|
|
<!-- Used with https_port and tcp_port_secure. Full ssl options list: https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h#L71 -->
|
|
<openSSL>
|
|
<server> <!-- Used for https server AND secure tcp port -->
|
|
<!-- openssl req -subj "/CN=localhost" -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout /etc/clickhouse-server/server.key -out /etc/clickhouse-server/server.crt -->
|
|
<certificateFile>/etc/clickhouse-server/config.d/server.crt</certificateFile>
|
|
<privateKeyFile>/etc/clickhouse-server/config.d/server.key</privateKeyFile>
|
|
<!-- openssl dhparam -out /etc/clickhouse-server/dhparam.pem 4096 -->
|
|
<dhParamsFile>/etc/clickhouse-server/config.d/dhparam.pem</dhParamsFile>
|
|
<verificationMode>none</verificationMode>
|
|
<loadDefaultCAFile>true</loadDefaultCAFile>
|
|
<cacheSessions>true</cacheSessions>
|
|
<disableProtocols>sslv2,sslv3</disableProtocols>
|
|
<preferServerCiphers>true</preferServerCiphers>
|
|
</server>
|
|
</openSSL>
|
|
</clickhouse>
|