[Question posted by a user on YugabyteDB Community Slack]
I'm trying to connect my yugabytedb database with skyvia (as a PostgreSQL connection), but I'm getting the following error:
no pg_hba.conf entry for host "40.118.246.204", user "admin", database "skyvia_test", SSL off
According to skyvia docs, I have to add some lines to postgresql.conf and pg_hba.conf. Any idea how I would do this in yugabytedb? (link to skyvia docs page)
If you are using YugabyteDB Managed, make sure you're connecting with SSL enabled. Set ssl-mode to verify-full and provide the certificate that you can download from the portal:
https://docs.yugabyte.com/preview/yugabyte-cloud/cloud-connect/connect-client-shell/
https://docs.yugabyte.com/preview/yugabyte-cloud/cloud-connect/connect-applications/
If you're running on your premises, then you need to pass the ysql_hba_conf_csv flag with that IP to a tserver instance upon startup: https://docs.yugabyte.com/preview/secure/enable-authentication/ysql_hba_conf-configuration/.
This is a step-by-step video tutorial: https://youtu.be/zwQoM-ULNo8
Related
I have enabled Azure Postgresql SSL connection mode and after doing that I was not able to connect to Postgres database using dbForge, it is showing that SSL connection is required. Please specify SSL options and retry. I can able to access the database from .NET application by including the below parameters in the connection string. Also I can able to connect to the database from pgAdmin.
Ssl Mode=Require;Trust Server Certificate = true;
If I provide the same parameters dbForge it is not connecting and shows keyword not supporting.
An option to resolve this error would to disable the SSL requirement for your server connection.
As per this MSFT documentation, you can disable using Azure portal by:
Click Connection security. Use the toggle button to enable or disable the Enforce SSL connection setting, and then click Save.
Or by using Azure CLI
You can enable or disable the ssl-enforcement parameter by using Enabled or Disabled values.
I got MySQL 8 on Azure with 'Enfore SSL Connection' Enabled
Configured connection string to above in MySQL in App with connection string (Web App) provided by above MySQL
Which is
Database={your_database}; Data Source=xxxx.mysql.database.azure.com; User Id=xxx#xxxx; Password={your_password}
When trying to manage the MySQL in phpmyAdmin getting below error
#9002 - SSL connection is required. Please specify SSL options and retry.
There is no option to specify SSL Mode on the Web App Connection String.
MS Docs:
Default settings
By default, the database service should be configured to require SSL connections when connecting to MySQL. We recommend to avoid disabling the SSL option whenever possible.
When provisioning a new Azure Database for MySQL server through the Azure portal and CLI, enforcement of SSL connections is enabled by default.
Connection strings for various programming languages are shown in the Azure portal. Those connection strings include the required SSL parameters to connect to your database. In the Azure portal, select your server. Under the Settings heading, select the Connection strings. The SSL parameter varies based on the connector, for example "ssl=true" or "sslmode=require" or "sslmode=required" and other variations.
So I am learning node.js,docker and mongodb.And I have a few doubts.
I have three tasks of a service(replicas) (node.js in docker services).The service is supposed to access a mongodb database.I have two options:
Use atlas-this sounds simple to me as I am a beginner.
Use mongodb containers-Which I believe could be a little more work.
So the question is if I use MongoDB atlas and connect to the database hosted on atlas is the transfer of data between node.js and atlas secure by default?what should be done to "secure" the transfer of data between the node.js container service and the Mongodb atlas?
If I choose the second option above should all three replicas/tasks communicate with only ONE mongodb container?
is the transfer of data between node.js and atlas secure by default?
Without knowing your application environment, I can't comment about security on your side of the network.
However for MongoDB Atlas, it's using TLS/SSL and authentication (SCRAM) enabled by default (and cannot be disabled).
Traffic from clients to Atlas is authenticated and encrypted in-transit, and traffic
between the customer’s internally managed MongoDB
nodes is also authenticated and encrypted in-transit using
TLS/SSL.
Also depending on which cloud provider you would choose in Atlas (AWS, GCP, or Azure) they each provides different encryption at rest features (transparent disk encryption).
Please note that there are other security features provided by MongoDB Atlas, i.e. IP Whitelisting. See also MongoDB Atlas: Security Features and Setup and MongoDB Atlas Security Controls.
If I choose the second option above should all three replicas/tasks communicate with only ONE mongodb container?
I'm not sure I understand this question. The purpose of having a replica set is to provide High Availability (in the case of a primary failover, the other will automatically take over). Having all three nodes of replica set deployed into a single Docker container will defeat this purpose.
I'm in the Azure Portal UI attempting to connect our new Azure Search service to our SQL Server on our Azure VM. The UI very simply asks me for a connection string, a username and password. I started by using the exact connection string that is used in all our .Net config files, with which there is no issue connecting. No matter how I tweak the connection string based on many threads I've read here at S/O (set Encrypt to False, set TrustServerCertificate to True) I get this error testing the connection:
"A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.) Learn more about connecting to Azure SQL VMs, http://go.microsoft.com/fwlink/?LinkID=826562"
I must admit that the info in that MS link is like a foreign language to me. As none of those steps have ever been required for me to connect to this SQL Server, I continued my research which lead me to all the different aforementioned tweaks to the connection string.
As none of these tweaks worked, it seems the answer truly lies in that MS article - would someone be able to provide a step-by-step as I am completely new to certificates.
I'd also still fail to understand why I have no issues connecting to this SQL Server from any other app/service/util and only get this error here, but if it works it works and I won't complain!
The basic issue here is that your SQL Server must have a certificate issued by a trusted certificate authority, not a self-signed cert typically used in intranet apps. I suspect the connection strings worked in other apps because they either don't use encryption or trust self-signed certs (that's what TrustServerCertificate setting does).
Please follow the directions in the article you linked - that's the most authoritative step-by-step guide I'm aware of.
Alternatively, if you don't want to configure certificate and ports, you can consider using Azure Data Factory to push data to Azure Search.
I am installing OrientDB 2.1.9 on Amazon Linux I am trying to log in to their standard Grateful Dead database. I cannot using the guest, the root works but this is non-optimal.
I used the default guest/guest, right out of the package.
The server credentials in the $ORIENTDB_HOME/config/orientdb-server-config.xml file:
guest user is valid just to connect to server instance and list databases, to connect to the db you have to use db users or root
orientdb> connect remote:localhost guest guest
Connecting to remote Server instance [remote:localhost] with user 'guest'...OK
orientdb {server=remote:localhost/}> connect remote:localhost/GratefulDeadConcerts guest guest
Disconnecting from remote server [remote:localhost/]...
OK
Connecting to database [remote:localhost/GratefulDeadConcerts] with user 'guest'...
Error: com.orientechnologies.orient.core.exception.OSecurityAccessException: User or password not valid for database: 'GratefulDeadConcerts'
if you want to connect to the db with limited permissions you can use built-in users reader or writer or you can create your custom users from inside the database.
Please refer to this guide too http://orientdb.com/docs/2.1/Security.html