Continuent Documentation

Manual Home
Tungsten Clustering (for MySQL) 7.1 Manual
Page in Other Manuals
Tungsten Replicator 7.1 Manual
Breadcrumbs
> Tungsten Clustering (for MySQL) 7.1 Manual

       > 10. The tpm Deployment Command

       > 10.5. tpm Commands

       > 10.5.2. tpm cert Command
Chapters
Preface
1. Introduction
2. Deployment
3. Deployment: MySQL Topologies
4. Deployment: Advanced
5. Deployment: Security
6. Operations Guide
7. Tungsten Connector
8. Tungsten Manager
9. Command-line Tools
10. The tpm Deployment Command
11. Tungsten REST API (APIv2)
12. Replication Filters
13. Performance, Tuning and Testing
A. Release Notes
B. Prerequisites
C. Troubleshooting
D. Files, Directories, and Environment
E. Terminology Reference
F. Internals
G. Frequently Asked Questions (FAQ)
H. Ecosystem Support
I. Configuration Property Reference
Navigate Up
10.5.2. tpm cert Command
Parent Sections
10.5.2.1. tpm cert Usage
10.5.2.2. tpm cert {typeSpec}, Defined
10.5.2.3. {typeSpec} definitions
10.5.2.4. {passwordSpec} definitions
10.5.2.5. tpm cert: Getting Started - Basic Examples
10.5.2.6. tpm cert: Getting Started - Functional Database Cert Rotation Example
10.5.2.7. tpm cert: Getting Started - Conversion to Custom-Generated Security Files Example
10.5.2.8. tpm cert: Getting Started - Advanced Example
10.5.2.9. Using tpm cert add
10.5.2.10. Using tpm cert aliases
10.5.2.11. Using tpm cert ask
10.5.2.12. Using tpm cert backup
10.5.2.13. Using tpm cert cat
10.5.2.14. Using tpm cert changepass
10.5.2.15. Using tpm cert clean
10.5.2.16. Using tpm cert copy
10.5.2.17. Using tpm cert diff
10.5.2.18. Using tpm cert example
10.5.2.19. Using tpm cert info
10.5.2.20. Using tpm cert list
10.5.2.21. Using tpm cert gen
10.5.2.22. Using tpm cert remove
10.5.2.23. Using tpm cert rotate
10.5.2.24. Using tpm cert vi
10.5.2.7. tpm cert: Getting Started - Conversion to Custom-Generated Security Files Example
Prev  ^Up10.5.2. tpm cert Command Next

10.5.2.7. tpm cert: Getting Started - Conversion to Custom-Generated Security Files Example

In the following example, we take an existing cluster that was installed using Tungsten-self-generated security files and convert it to use custom-generated security files.

The basic security file conversion steps are:

  • Ensure three tpm config options exist and point to the correct files: 

    shell> tpm query config | grep datasource_mysql_ssl
  datasource_mysql_ssl_ca (tpm option: datasource-mysql-ssl-ca)
  datasource_mysql_ssl_cert (tpm option: datasource-mysql-ssl-cert)
  datasource_mysql_ssl_key (tpm option: datasource-mysql-ssl-key)

  • Generate all standard security files and place into {certsdir} on ONE node only 

    shell> tpm cert gen all

  • Display new files info as json for standard cert files in {certsdir} 

    shell> tpm cert info all

  • Copy new files to all other cluster nodes 

    shell> tpm copy --gen

  • Display example tungsten.ini contents 

    shell> tpm cert example ini

  • Add those lines to the /etc/tungsten/tungsten.ini on ALL cluster nodes 

    shell> tpm cert vi ini

  • Place the cluster into MAINTENANCE mode 

    shell> tpm policy -m

  • Display the directory that the software was installed from: 

    shell> tpm query staging

  • Update the cluster software to use the new security files in {certsdir} which will restart the Tungsten processes: 

    shell> cd {staging_dir_from_above}
shell> tools/tpm update --replace-release

  • Once all cluster updates are done, return the cluster to AUTOMATIC mode 

    shell> tpm policy -a
Prev Up Next
10.5.2.6. tpm cert: Getting Started - Functional Database Cert Rotation Example  ^Level 10.5.2.8. tpm cert: Getting Started - Advanced Example
Copyright © 2016-2023 Continuent, Ltd.(800) 270-9035Terms of UsePrivacy & CookiesLegal NoticeExhibits