mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-30 11:32:03 +00:00
87 lines
3.5 KiB
XML
87 lines
3.5 KiB
XML
<clickhouse>
|
|
<auth_use_forwarded_address>true</auth_use_forwarded_address>
|
|
<!-- Used with https_port and tcp_port_secure. Full ssl options list: https://github.com/ClickHouse-Extras/poco/blob/master/NetSSL_OpenSSL/include/Poco/Net/SSLManager.h#L71 -->
|
|
<openSSL>
|
|
<server> <!-- Used for https server AND secure tcp port -->
|
|
<!-- openssl req -subj "/CN=localhost" -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout /etc/clickhouse-server/server.key -out /etc/clickhouse-server/server.crt -->
|
|
<certificateFile>/etc/clickhouse-server/config.d/server.crt</certificateFile>
|
|
<privateKeyFile>/etc/clickhouse-server/config.d/server.key</privateKeyFile>
|
|
<verificationMode>none</verificationMode>
|
|
<loadDefaultCAFile>true</loadDefaultCAFile>
|
|
<cacheSessions>true</cacheSessions>
|
|
<disableProtocols>sslv2,sslv3</disableProtocols>
|
|
<preferServerCiphers>true</preferServerCiphers>
|
|
</server>
|
|
</openSSL>
|
|
|
|
<listen_host>0.0.0.0</listen_host>
|
|
|
|
<protocols>
|
|
<tcp>
|
|
<type>tcp</type>
|
|
<host>0.0.0.0</host>
|
|
<port>9000</port>
|
|
<description>native protocol (tcp)</description>
|
|
</tcp>
|
|
<tcp_secure>
|
|
<type>tls</type>
|
|
<impl>tcp</impl>
|
|
<port>9440</port>
|
|
<description>secure native protocol (tcp_secure)</description>
|
|
</tcp_secure>
|
|
<tcp_endpoint>
|
|
<impl>tcp</impl>
|
|
<host>0.0.0.0</host>
|
|
<port>9001</port>
|
|
<description>native protocol endpoint (tcp)</description>
|
|
</tcp_endpoint>
|
|
<tcp_proxy>
|
|
<type>proxy1</type>
|
|
<impl>tcp</impl>
|
|
<port>9100</port>
|
|
<description>native protocol with PROXYv1 (tcp_proxy)</description>
|
|
</tcp_proxy>
|
|
<http>
|
|
<type>http</type>
|
|
<port>8123</port>
|
|
<description>http protocol</description>
|
|
</http>
|
|
<https>
|
|
<type>tls</type>
|
|
<impl>http</impl>
|
|
<host>0.0.0.0</host>
|
|
<port>8443</port>
|
|
<description>https protocol</description>
|
|
</https>
|
|
<https_endpoint>
|
|
<impl>https</impl>
|
|
<port>8444</port>
|
|
<description>https protocol endpoint</description>
|
|
</https_endpoint>
|
|
<https_tls1_2>
|
|
<type>tls</type>
|
|
<impl>http</impl>
|
|
<host>0.0.0.0</host>
|
|
<port>8445</port>
|
|
<description>https protocol with TLSv1_2 minimum version</description>
|
|
<disableProtocols>sslv2,sslv3,tlsv1,tlsv1_1</disableProtocols>
|
|
<certificateFile>/etc/clickhouse-server/config.d/server.crt</certificateFile>
|
|
<privateKeyFile>/etc/clickhouse-server/config.d/server.key</privateKeyFile>
|
|
</https_tls1_2>
|
|
<https_tls1_3>
|
|
<type>tls</type>
|
|
<impl>http</impl>
|
|
<host>0.0.0.0</host>
|
|
<port>8446</port>
|
|
<description>https protocol with TLSv1_3 minimum version</description>
|
|
<disableProtocols>sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2</disableProtocols>
|
|
<certificateFile>/etc/clickhouse-server/config.d/server.crt</certificateFile>
|
|
<privateKeyFile>/etc/clickhouse-server/config.d/server.key</privateKeyFile>
|
|
</https_tls1_3>
|
|
</protocols>
|
|
|
|
<!--tcp_port>9010</tcp_port-->
|
|
|
|
<validate_tcp_client_information>true</validate_tcp_client_information>
|
|
</clickhouse>
|