Tls on Mini Fish https://blog.minifish.org/tags/tls/ Recent content in Tls on Mini Fish Mini Fish https://blog.minifish.org/android-chrome-512x512.png https://blog.minifish.org/android-chrome-512x512.png Hugo -- 0.154.5 en-US Mini Fish 2014-present. Licensed under CC-BY-NC Mon, 22 May 2023 21:45:00 -0700 How to Use the HTTP API in TiDB with TLS Enabled https://blog.minifish.org/posts/how-to-use-the-http-api-in-tidb-with-tls-enabled/ Mon, 22 May 2023 21:45:00 -0700 https://blog.minifish.org/posts/how-to-use-the-http-api-in-tidb-with-tls-enabled/ <h2 id="background">Background</h2> <p>Many customers have TLS enabled, which is different from the lab environment.</p> <h2 id="curl">Curl</h2> <p>Curl requires a specified CA certificate, otherwise it will report an error.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>curl --cacert ca.crt https://127.0.0.1:10080/status </span></span></code></pre></div><h2 id="wget">Wget</h2> <p>Many containers do not have curl, so wget is used instead. Wget is better as it does not require a CA certificate.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>wget --no-check-certificate http://127.0.0.1:10080/status </span></span></code></pre></div> Background

Many customers have TLS enabled, which is different from the lab environment.

Curl

Curl requires a specified CA certificate, otherwise it will report an error.

curl --cacert ca.crt https://127.0.0.1:10080/status

Wget

Many containers do not have curl, so wget is used instead. Wget is better as it does not require a CA certificate.

wget --no-check-certificate http://127.0.0.1:10080/status
]]>