Open
Description
Describe the problem
I encountered an issue where Go (and CockroachDB) works fine with any kind of certificates, but when trying to connect a 3rd party application (JetBrains), I ran into cryptography problems.
To Reproduce
I followed the instructions from the CockroachDB documentation, but it didn't work as expected. Six hours later, I discovered it was a PostgreSQL driver issue (version 42.2 to 42.6, I haven’t tested earlier versions). Through experimentation, I found that the driver only works with RSA cryptography.
Expected behavior
It would be helpful if this was mentioned in the documentation.
Environment:
- CockroachDB version v23.1.28
- Server OS: Docker
- Client app: intellij-idea
Also there are questions about cryptography that I haven't found in the documentation:
- Is it possible to update the certificate without restarting the node (especially for the CA)?
- How can I disable TLS for the webserver (port 8080) without disabling TLS for everything else?
- How can I run the node without a webserver, just as part of a cluster?
Jira issue: CRDB-43267