Skip to content

Commit 77937e9

Browse files
jstirnamanjstirnaman
committed
fix(oss): Apply suggestion from code review. Remove numbers, add TOC.
1 parent 00765d1 commit 77937e9

File tree

1 file changed

+23
-14
lines changed

1 file changed

+23
-14
lines changed

content/influxdb/v2/admin/security/enable-tls.md

Lines changed: 23 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -258,7 +258,16 @@ Restart Telegraf using the updated configuration file.
258258

259259
## Troubleshoot TLS
260260

261-
### 1. Check InfluxDB logs
261+
Identify and resolve issues after activating TLS.
262+
263+
- [Check InfluxDB logs](#check-influxdb-logs)
264+
- [Verify certificate and key files](#verify-certificate-and-key-files)
265+
- [Test with OpenSSL](#test-with-openssl)
266+
- [Check file permissions](#check-file-permissions)
267+
- [Verify TLS configuration](#verify-tls-configuration)
268+
- [Update OpenSSL and InfluxDB](#update-openssl-and-influxdb)
269+
270+
### Check InfluxDB logs
262271

263272
Review the InfluxDB logs for any error messages or warnings about the issue.
264273

@@ -269,7 +278,7 @@ msg="http: TLS handshake error from [::1]:50476:
269278
remote error: tls: illegal parameter" log_id=0rqN8H_0000 service=http
270279
```
271280

272-
### 2. Verify certificate and key Files
281+
### Verify certificate and key Files
273282

274283
To ensure that the certificate and key files are correct and match each other,
275284
enter the following command in your terminal:
@@ -279,7 +288,16 @@ openssl x509 -noout -modulus -in /etc/ssl/influxdb-selfsigned.crt | openssl md5
279288
openssl rsa -noout -modulus -in /etc/ssl/influxdb-selfsigned.key | openssl md5
280289
```
281290

282-
### 3. Check file permissions
291+
### Test with OpenSSL
292+
293+
Use OpenSSL to test the server's certificate and key--for example, enter the
294+
following command in your terminal:
295+
296+
```bash
297+
openssl s_client -connect localhost:8086 -CAfile /etc/ssl/influxdb-selfsigned.crt
298+
```
299+
300+
### Check file permissions
283301

284302
Ensure that the InfluxDB process has read access to the certificate and key
285303
files--for example, enter the following command to set file permissions:
@@ -289,22 +307,13 @@ sudo chmod 644 /etc/ssl/influxdb-selfsigned.crt
289307
sudo chmod 600 /etc/ssl/influxdb-selfsigned.key
290308
```
291309

292-
### 4. Verify TLS configuration
310+
### Verify TLS configuration
293311

294312
Ensure that the TLS configuration in InfluxDB is correct.
295313
Check the paths to the certificate and key files in the InfluxDB configuration
296314
or command line flags.
297315

298-
### 5. Test with OpenSSL
299-
300-
Use OpenSSL to test the server's certificate and key--for example, enter the
301-
following command in your terminal:
302-
303-
```bash
304-
openssl s_client -connect localhost:8086 -CAfile /etc/ssl/influxdb-selfsigned.crt
305-
```
306-
307-
### 6. Update OpenSSL and InfluxDB
316+
### Update OpenSSL and InfluxDB
308317

309318
Ensure that you are using the latest versions of OpenSSL and InfluxDB, as
310319
updates may include fixes for TLS-related issues.

0 commit comments

Comments
 (0)