-
Goal: Read Postgres ssl certificate, key & ca from wither a secret (exposed environment variable), or from a file on the local system. (
-
Steps: Nothing - the certificate/key and ca fields in the resoruce setup scren require a file upload - so i cant add a secret string interpolation there.
-
Details: Running retool on a business tier licence
Hello @Cole_Diffin!
I am a little confused by your question, did you follow our docs on configuring SSL certs?
You should be able to use a file button or a file input component to grab files from your local system to get them onto your Retool app.
Can you share a screenshot of your Resource setup?
Hi Jack
Yes i have followed the docs.
For additional context:
- We on retool self hosted.
- i'm trying to keep all my secrets managed in IAAC Username/password/host are currently passed in via exposed environment variables.
- i cant find a way to pass in the certificate content, or a file path reference for the resource creation.
If my postgres server needs to roll the certificates, i want to avoid needing to locate, download and reupload the certificates to Retool.
Ah apologies I misunderstood your question
To set up SSL for the Postgres DB, you would need to put those environment variables and the route into these ENV vars in your self-hosted setup, which differs depending on how you are hosting setup.
Here are the three variables you would need to set up!
POSTGRES_CUSTOM_SSL_CA_FILE_NAME
POSTGRES_CUSTOM_SSL_CERT_PATH
POSTGRES_CUSTOM_SSL_KEY_FILE_NAME
You might need to mount the file in the Retool container. Then specify the file path to where that file is in the ...PATH variable.
Hope this helps!