Enabling or Disabling TLS for a Database in MC

To enable TLS for all JDBC connections from MC to a Vertica database, configure the certificate and key appropriate for that connection. See:

Disabling a TLS Connection

Under some conditions, you as the system administrator might need to disable TLS for JDBC connections from MC to a Vertica database. Here are some examples:

  • The TLS certificates are expired and you have not yet obtained new certificates.
  • The TLS certificates and keys are revoked and the user does not have new certificates and keys, but you still want to allow that user to connect from MC to the database to show monitoring information and run queries.

To disable TLS for connecting to a Vertica database:

  1. In MC, navigate to Home > Databases and Clusters > DatabaseName > Settings.
  2. Click the Security tab in the left navigation bar.
  3. In the Use TLS Connection to database drop-down, choose Disabled.

To reenable TLS for a database connection after you disable it, you must reconfigure the necessary certificates.

Disabling TLS for a database removes the configuration that tells MC to use the current certificates and keys for a given database, for all users. If it is a mutual mode TLS connection and each user had a separate client certificate and private key configured for that database, to re-enable TLS you must reconfigure the certificate and key for each user individually, for that database.

Re-enabling a Disabled TLS Connection

  1. In MC, navigate to Home > Databases and Clusters > DatabaseName > Settings.
  2. Click the Security tab in the left navigation bar.
  3. In the Use TLS Connection to database drop-down, choose Enabled.
  4. MC displays Configure MC to use secured connection to query Vertica database or modify existing configuration.
  5. To finish re-enabling TLS, click Configure TLS Connection to launch the Certificates Wizard.
  6. Complete the Certificates wizard.