From 80094b5e9d293dfb73c81377325da13172d6baaf Mon Sep 17 00:00:00 2001 From: Florian Hotze Date: Sun, 15 Jan 2023 23:55:42 +0100 Subject: [PATCH] [influxdb] Add docs for usage of self-signed certs (#14228) * [influxdb] Add docs for usage of self-signed certs See https://community.openhab.org/t/influxdb-persistence-doesnt-work-with-s sl/35409/10?u=florian-h05. Signed-off-by: Florian Hotze --- bundles/org.openhab.persistence.influxdb/README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/bundles/org.openhab.persistence.influxdb/README.md b/bundles/org.openhab.persistence.influxdb/README.md index b9b46294a00..6cf565a33ab 100644 --- a/bundles/org.openhab.persistence.influxdb/README.md +++ b/bundles/org.openhab.persistence.influxdb/README.md @@ -106,3 +106,13 @@ Besides the metadata tags, there are additional configuration parameters to acti | addCategoryTag | false | no | Should the category of the item be included as tag "category"? If no category is set, "n/a" is used. | | addTypeTag | false | no | Should the item type be included as tag "type"? | | addLabelTag | false | no | Should the item label be included as tag "label"? If no label is set, "n/a" is used. | + +### Connect to InfluxDB via TLS + +InfluxDB supports TLS encryption to secure the communication with clients. + +If you use a self-signed certificate for your InfluxDB instance (which is very likely), you need to add the certificate itself or your internal CA's certificate to the Java keystore: + +1. Find your JVM's path with `ls -all /usr/bin/java`, e.g. `/opt/java/zulu17.38.21-ca-jdk17.0.5-linux_aarch32hf/bin/java`. You may need to follow some symlinks, use `ls -all` again. +1. Go to the `lib/security` directory of your JVM, e.g. `cd /opt/java/zulu17.38.21-ca-jdk17.0.5-linux_aarch32hf/lib/security`. +1. Add the certificate to the JVM's keystore: `sudo keytool -importcert -file -cacerts -keypass changeit -storepass changeit -alias `.