Skip to content

3.1.0
Compare
Choose a tag to compare
@amunra amunra released this 23 Nov 09:15
· 33 commits to main since this release
3.1.0
ced64a9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

What's Changed

This release adds support for reading TLS CA root certificates from the host operating system.
The default remains to use the root certificates provided by the webpki-roots Rust crate.
The TLS negotiation is still performed by using the rustls Rust crate, and not using OpenSSL or other OS-specific TLS APIs.

This new feature is particularly valuable when using QuestDB Enterprise in corporate environments where the set of trusted root CA certificates is custom to the organisation and deployed to each OS's root CA certificate store.

To enable this feature:

If programming in Rust:

SenderBuilder::new(...)
    .tls(Tls::Enabled(CertificateAuthority::OsRoots))

If programming in C:

line_sender_opts* opts = ...;
line_sender_opts_tls_os_roots(opts);

If programming in C++:

questdb::ingress::opts opts{...};
opts.tls_os_roots(opts);

Full Changelog: 3.0.0...3.1.0

Assets 2
Loading