[influxdb] Add docs for usage of self-signed certs (#14228)

* [influxdb] Add docs for usage of self-signed certs See https://community.openhab.org/t/influxdb-persistence-doesnt-work-with-s sl/35409/10?u=florian-h05. Signed-off-by: Florian Hotze <florianh_dev@icloud.com>
2025-01-25 14:55:55 +01:00 · 2023-01-15 23:55:42 +01:00 · 2023-01-15 23:55:42 +01:00 · 80094b5e9d
commit 80094b5e9d
parent 5f8214f08a
1 changed files with 10 additions and 0 deletions
--- a/bundles/org.openhab.persistence.influxdb/README.md
+++ b/bundles/org.openhab.persistence.influxdb/README.md
@ -106,3 +106,13 @@ Besides the metadata tags, there are additional configuration parameters to acti
 | addCategoryTag | false   | no       | Should the category of the item be included as tag "category"? If no category is set, "n/a" is used. |
 | addTypeTag     | false   | no       | Should the item type be included as tag "type"?                                                      |
 | addLabelTag    | false   | no       | Should the item label be included as tag "label"? If no label is set, "n/a" is used.                 |
+
+### Connect to InfluxDB via TLS
+
+InfluxDB supports TLS encryption to secure the communication with clients.
+
+If you use a self-signed certificate for your InfluxDB instance (which is very likely), you need to add the certificate itself or your internal CA's certificate to the Java keystore:
+
+1. Find your JVM's path with `ls -all /usr/bin/java`, e.g. `/opt/java/zulu17.38.21-ca-jdk17.0.5-linux_aarch32hf/bin/java`. You may need to follow some symlinks, use `ls -all` again.
+1. Go to the `lib/security` directory of your JVM, e.g. `cd /opt/java/zulu17.38.21-ca-jdk17.0.5-linux_aarch32hf/lib/security`.
+1. Add the certificate to the JVM's keystore: `sudo keytool -importcert -file <path-to-certfile> -cacerts -keypass changeit -storepass changeit -alias <alias-for-cert>`.