TLS_CONFIGURATIONS
Lists settings for TLS CONFIGURATION objects for the server, LDAP, etc.
Column Name | Data Type | Description |
---|---|---|
NAME |
VARCHAR |
Name of the TLS CONFIGURATION object. Vertica includes the following TLS CONFIGURATIONs by default:
|
OWNER |
VARCHAR |
Owner of the TLS CONFIGURATION object. |
CERTIFICATE |
VARCHAR |
The certificate associated with the TLS CONFIGURATION object. |
CA_CERTIFICATES |
VARCHAR |
The CA certificate(s) used to verify client certificates. In cases where a TLS CONFIGURATION uses more than one CA, each CA will have its own row in the table. |
CIPHER_SUITES |
VARCHAR |
The cipher suites to used to secure the connection. |
MODE |
VARCHAR |
How Vertica establishes TLS connections and handles client certificates, one of the following, in order of ascending security:
|
Examples
In this example, the LDAPAuth TLS CONFIGURATION uses two CA certificates:
=> SELECT * FROM tls_configurations WHERE name='LDAPAuth'; name | owner | certificate | ca_certificate | cipher_suites | mode ----------+---------+-------------+----------------+---------------+--------- LDAPAuth | dbadmin | server_cert | ca | | DISABLE LDAPAuth | dbadmin | server_cert | ica | | DISABLE (2 rows)
To make more clear the relationship between a TLS CONFIGURATION and its CA certificates, you can format the query with LISTAGG:
=> SELECT name, owner, certificate, LISTAGG(ca_certificate) AS ca_certificates, cipher_suites, mode FROM tls_configurations WHERE name='LDAPAuth' GROUP BY name, owner, certificate, cipher_suites, mode ORDER BY 1; name | owner | certificate | ca_certificates | cipher_suites | mode ----------+---------+-------------+-----------------+---------------+--------- LDAPAuth | dbadmin | server_cert | ca,ica | | DISABLE (1 row)