From e32770a10ed2db465db90f1d0117c6f8efa85917 Mon Sep 17 00:00:00 2001 From: Paul Gottschling Date: Thu, 5 Sep 2024 17:14:04 -0400 Subject: [PATCH 1/2] Clarify TLS paths in the database GUI guide Closes #20344 Make more explicit correspondences between TLS credential paths returned by `tsh proxy db` and configuration fields in four GUI clients. --- .../pages/connect-your-client/gui-clients.mdx | 39 ++++++++++++++++++- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/docs/pages/connect-your-client/gui-clients.mdx b/docs/pages/connect-your-client/gui-clients.mdx index b64552ccb888b..1642b17a8c01e 100644 --- a/docs/pages/connect-your-client/gui-clients.mdx +++ b/docs/pages/connect-your-client/gui-clients.mdx @@ -144,6 +144,15 @@ Proxy Service's web endpoint. ![MongoDB Compass more options](../../img/database-access/compass-more-options@2x.png) +The following fields in the More Options tab must correspond to paths printed by +the `tsh proxy db` command you ran earlier: + +|Field|Path| +|---|---| +|Client Certificate|`cert_file`| +|Client Private Key|`key_file`| +|Certificate Authority|`ca_file`| + Click on the "Connect" button. ## MySQL DBeaver @@ -192,6 +201,15 @@ paths to your CA, certificate, and private key files (see ![MySQL Workbench SSL](../../img/database-access/workbench-ssl@2x.png) +The following fields in the SSL tab must correspond to paths printed by the `tsh +proxy db` command you ran earlier: + +|Field|Path| +|---|---| +|SSL CERT File|`cert_file`| +|SSL Key File|`key_file`| +|SSL CA File|`ca_file`| + Optionally, click "Test Connection" to verify connectivity: ![MySQL Workbench Test](../../img/database-access/workbench-test@2x.png) @@ -270,6 +288,15 @@ certificate, key and root certificate from the configuration above: ![pgAdmin SSL](../../img/database-access/pgadmin-ssl@2x.png) +The following fields in the SSL tab must correspond to paths printed by the `tsh +proxy db` command you ran earlier: + +|Field|Path| +|---|---| +|Client certificate|`cert_file`| +|Client certificate key|`key_file`| +|Root certificate|`ca_file`| + Click "Save", and pgAdmin should immediately connect. If pgAdmin prompts you for password, leave the password field empty and click OK. @@ -317,8 +344,16 @@ Provide your Redis username as `Username` and password as `Password`. ![Redis Insight Configuration](../../img/database-access/guides/redis/redisinsight-add-config.png) -Next, check the `Use TLS` and `Verify TLS Certificates` boxes and copy the CA certificate returned by `tsh proxy db`. -Copy the private key and certificate to corresponding fields. +Next, check the `Use TLS` and `Verify TLS Certificates` boxes. Copy the files at +the paths returned by the `tsh proxy db` command you ran earlier and paste them +into their corresponding fields. See the table below for the Redis Insight +fields that correspond to each path: + +|Field|Path| +|---|---| +|Client Certificate|`cert_file`| +|Private Key|`key_file`| +|CA Certificate|`ca_file`| Click `Add Redis Database`. From b41029f68ea55d95cc33dfa557b9c3dbb4a2504a Mon Sep 17 00:00:00 2001 From: Paul Gottschling Date: Wed, 11 Sep 2024 09:27:18 -0400 Subject: [PATCH 2/2] Respond to ravicious feedback - Change table order - Clarify note re: copying files --- docs/pages/connect-your-client/gui-clients.mdx | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/pages/connect-your-client/gui-clients.mdx b/docs/pages/connect-your-client/gui-clients.mdx index 1642b17a8c01e..c1a46aae5f789 100644 --- a/docs/pages/connect-your-client/gui-clients.mdx +++ b/docs/pages/connect-your-client/gui-clients.mdx @@ -149,9 +149,9 @@ the `tsh proxy db` command you ran earlier: |Field|Path| |---|---| +|Certificate Authority|`ca_file`| |Client Certificate|`cert_file`| |Client Private Key|`key_file`| -|Certificate Authority|`ca_file`| Click on the "Connect" button. @@ -206,8 +206,8 @@ proxy db` command you ran earlier: |Field|Path| |---|---| -|SSL CERT File|`cert_file`| |SSL Key File|`key_file`| +|SSL CERT File|`cert_file`| |SSL CA File|`ca_file`| Optionally, click "Test Connection" to verify connectivity: @@ -344,16 +344,16 @@ Provide your Redis username as `Username` and password as `Password`. ![Redis Insight Configuration](../../img/database-access/guides/redis/redisinsight-add-config.png) -Next, check the `Use TLS` and `Verify TLS Certificates` boxes. Copy the files at -the paths returned by the `tsh proxy db` command you ran earlier and paste them -into their corresponding fields. See the table below for the Redis Insight -fields that correspond to each path: +Next, check the `Use TLS` and `Verify TLS Certificates` boxes. Copy the contents +of the files at the paths returned by the `tsh proxy db` command you ran earlier +and paste them into their corresponding fields. See the table below for the +Redis Insight fields that correspond to each path: |Field|Path| |---|---| +|CA Certificate|`ca_file`| |Client Certificate|`cert_file`| |Private Key|`key_file`| -|CA Certificate|`ca_file`| Click `Add Redis Database`.