Document ssl-related command line flags.
This commit is contained in:
parent
5b0dfb009c
commit
1543098891
@ -177,6 +177,18 @@ By default `gh-ost` verifies no foreign keys exist on the migrated table. On ser
|
|||||||
|
|
||||||
See [`approve-renamed-columns`](#approve-renamed-columns)
|
See [`approve-renamed-columns`](#approve-renamed-columns)
|
||||||
|
|
||||||
|
### ssl
|
||||||
|
|
||||||
|
By default `gh-ost` does not use ssl/tls connections to the database servers when performing migrations. This flag instructs `gh-ost` to use encrypted connections. If enabled, `gh-ost` will use the system's ca certificate pool for server certificate verification. If a different certificate is needed for server verification, see `--ssl-ca`. If you wish to skip server verification, but still use encrypted connections, use with `--ssl-allow-insecure`.
|
||||||
|
|
||||||
|
### ssl-allow-insecure
|
||||||
|
|
||||||
|
Allows `gh-ost` to connect to the MySQL servers using encrypted connections, but without verifying the validity of the certificate provided by the server during the connection. Requires `--ssl`.
|
||||||
|
|
||||||
|
### ssl-ca
|
||||||
|
|
||||||
|
`--ssl-ca=/path/to/ca-cert.pem`: ca certificate file (in PEM format) to use for server certificate verification. If specified, the default system ca cert pool will not be used for verification, only the ca cert provided here. Requires `--ssl`.
|
||||||
|
|
||||||
### test-on-replica
|
### test-on-replica
|
||||||
|
|
||||||
Issue the migration on a replica; do not modify data on master. Useful for validating, testing and benchmarking. See [`testing-on-replica`](testing-on-replica.md)
|
Issue the migration on a replica; do not modify data on master. Useful for validating, testing and benchmarking. See [`testing-on-replica`](testing-on-replica.md)
|
||||||
|
Loading…
Reference in New Issue
Block a user