Hi, I’m trying to connect to a CockroachCloud cluster, which requires a CA certificate. Where should I store the certificate file? I’m guessing volumes might be a good choice. Should I store one copy of the file in each region that the app is deployed to?
You could store it in a volume.
You can also set it as a secret or just an environment variable (if it’s just the CA public key) and, using an entrypoint, write it to disk before cockroach starts.
Thanks for your reply.
CockroachCloud seems to require a CA certificate file so I think I have to use store it in volume for each region.
Indeed. I suggested writing the file to disk in an entrypoint, something like:
echo "$CACERT" > path/to/certs/ca.pem
2 Likes