From 2e7d3822fe764c9a5a3561c10ecce93be7bdf008 Mon Sep 17 00:00:00 2001 From: antonio2368 Date: Tue, 20 Oct 2020 15:49:10 +0200 Subject: [PATCH] Disable SSL by default (#25) * Print the connection type used (with/without SSL) * Update CHANGELOG Co-authored-by: Antonio Andelic --- CHANGELOG.md | 5 +++++ config/flags.yaml | 8 -------- src/memgraph.cpp | 3 +++ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2094fe3d6..a549309f9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,11 @@ ## v1.2.0 +### Breaking Changes + +* SSL is disabled by default (`--bolt-cert-file` and `--bolt-key-file` are + empty). This change might only affect the client connection configuration. + ### Major Features and Improvements * Added support for Bolt v4.0 and v4.1. diff --git a/config/flags.yaml b/config/flags.yaml index 12e6ccdfc..783faed61 100644 --- a/config/flags.yaml +++ b/config/flags.yaml @@ -39,14 +39,6 @@ modifications: value: "/var/log/memgraph/memgraph.log" override: true - - name: "bolt_cert_file" - value: "/etc/memgraph/ssl/cert.pem" - override: true - - - name: "bolt_key_file" - value: "/etc/memgraph/ssl/key.pem" - override: true - - name: "bolt_num_workers" value: "" override: false diff --git a/src/memgraph.cpp b/src/memgraph.cpp index 4c60c95b4..612376e66 100644 --- a/src/memgraph.cpp +++ b/src/memgraph.cpp @@ -1002,6 +1002,9 @@ int main(int argc, char **argv) { if (!FLAGS_bolt_key_file.empty() && !FLAGS_bolt_cert_file.empty()) { context = ServerContext(FLAGS_bolt_key_file, FLAGS_bolt_cert_file); service_name = "BoltS"; + std::cout << "Using secure Bolt connection (with SSL)" << std::endl; + } else { + std::cout << "Using non-secure Bolt connection (without SSL)" << std::endl; } ServerT server({FLAGS_bolt_address, static_cast(FLAGS_bolt_port)},