Transport Layer Security (TLS) is a very common security way when transport data through Internet. In some use cases, end users report the background:
Target(under monitoring) applications are in a region, which also named VPC, at the same time, the SkyWalking backend is in another region (VPC).
Because of that, security requirement is very obvious.
Only support no mutual auth.
- Use this script if you are not familiar with how to generate key files.
- Find
ca.crt, and use it at client side - Find
server.crt,server.pemandca.crt. Use them at server side. Please refer to gRPC SSL for more details.
- Place
ca.crtinto/cafolder in agent package. Notice,/cais not created in distribution, please create it by yourself.
Agent open TLS automatically after the /ca/ca.crt file detected.
o make sure can't access other ports out of region (VPC), such as firewall, proxy.