...
Modify /etc/xroad/db.properties. Provide paths to root CA and client certificates.
Code Block database=centerui_production?sslmode=verify-ca&sslrootcert=<ROOT_CA>&sslcert=<PATH_TO_CLIENT_CERT>&sslkey=<PATH_TO_CLIENT_KEY>
Note. JDBC client supports key file format PKCS-12 or PKCS-8. To convert PEM key the following command can be used:
Code Block language bash openssl pkcs8 -topk8 -inform PEM -in client.key -outform DER -out client.pk8 -nocrypt
Note:
We should consider to update db.properties file and provide jdbc connection url (like in Security Server). The database property is not supposed to be used in this way.Restart the Central Server
Code Block supervisorctl restart xroad-center
Verify Central Server started successfully.
...