1.4.2 Using a Self-Signed Server Certificate
Starting with Graph Server and Client Release 21.1, the RPM file
installation generates a self-signed certificate into /etc/oracle/graph
,
which the server uses to enable TLS by default.
If self-signed certificates are sufficient for you to get started and if
your connections are only to localhost
, you can skip to Configuring a Client to Trust the Self-Signed Certificate.
- Generating a Self-Signed Server Certificate
You can create a self-signed server certificate using theopenssl
command. - Configuring the Graph Server (PGX)
You must specify the path to the server certificate and the server's private key in PEM format in the graph server (PGX) configuration file. - Configuring a Client to Trust the Self-Signed Certificate
You must configure your client application to accept the self-signed graph server (PGX) certificate.
Parent topic: Setting Up Transport Layer Security