pg_autoctl_enable_ssl(1)

1PG_AUTOCTL ENABLE SSL(1)       pg_auto_failover       PG_AUTOCTL ENABLE SSL(1)
2
3
4

NAME

6       pg_autoctl enable ssl - pg_autoctl enable ssl
7
8       pg_autoctl enable ssl - Enable SSL configuration on this node
9

SYNOPSIS

11       It is possible to manage Postgres SSL settings with the pg_autoctl com‐
12       mand, both at pg_autoctl create postgres time and then again to  change
13       your mind and update the SSL settings at run-time.
14
15           usage: pg_autoctl enable ssl  [ --pgdata ] [ --json ]
16
17          --pgdata      path to data directory
18          --ssl-self-signed setup network encryption using self signed certificates (does NOT protect against MITM)
19          --ssl-mode        use that sslmode in connection strings
20          --ssl-ca-file     set the Postgres ssl_ca_file to that file path
21          --ssl-crl-file    set the Postgres ssl_crl_file to that file path
22          --no-ssl          don't enable network encryption (NOT recommended, prefer --ssl-self-signed)
23          --server-key      set the Postgres ssl_key_file to that file path
24          --server-cert     set the Postgres ssl_cert_file to that file path
25

OPTIONS

27       --pgdata
28              Location of the Postgres node being managed locally. Defaults to
29              the environment variable PGDATA. Use --monitor to connect  to  a
30              monitor from anywhere, rather than the monitor URI used by a lo‐
31              cal Postgres node managed with pg_autoctl.
32
33       --ssl-self-signed
34              Generate SSL self-signed certificates to provide network encryp‐
35              tion.  This  does not protect against man-in-the-middle kinds of
36              attacks. See Security settings  for  pg_auto_failover  for  more
37              about our SSL settings.
38
39       --ssl-mode
40              SSL  Mode used by pg_autoctl when connecting to other nodes, in‐
41              cluding when connecting for streaming replication.
42
43       --ssl-ca-file
44              Set the Postgres ssl_ca_file to that file path.
45
46       --ssl-crl-file
47              Set the Postgres ssl_crl_file to that file path.
48
49       --no-ssl
50              Don't enable network encryption. This is not recommended, prefer
51              --ssl-self-signed.
52
53       --server-key
54              Set the Postgres ssl_key_file to that file path.
55
56       --server-cert
57              Set the Postgres ssl_cert_file to that file path.
58

ENVIRONMENT

60       PGDATA
61          Postgres directory location. Can be used instead of the --pgdata op‐
62          tion.
63
64       PG_AUTOCTL_MONITOR
65          Postgres URI to connect to the monitor node, can be used instead  of
66          the --monitor option.
67
68       XDG_CONFIG_HOME
69          The  pg_autoctl  command stores its configuration files in the stan‐
70          dard place XDG_CONFIG_HOME. See the XDG  Base  Directory  Specifica‐
71          tion.
72
73       XDG_DATA_HOME
74          The pg_autoctl command stores its internal states files in the stan‐
75          dard place XDG_DATA_HOME, which defaults to ~/.local/share. See  the
76          XDG Base Directory Specification.
77

AUTHOR

79       Microsoft
80

COPYRIGHT

82       Copyright (c) Microsoft Corporation. All rights reserved.
83
84
85
86
872.0                              Sep 13, 2023         PG_AUTOCTL ENABLE SSL(1)