tiup cluster tls

The tiup cluster tls command is used to enable TLS (Transport Layer Security) between cluster components. It automatically generates and distributes self-signed certificates to each node in the cluster.

Syntax

tiup cluster tls <cluster-name> <enable/disable> [flags]

<cluster-name> specifies the cluster for which you want to enable or disable TLS.

Options

--clean-certificate

When you disable TLS, use this option to clean up previously generated certificates.
Data type: BOOLEAN
Default: false
If you do not specify this option, old certificates might be reused when you enable TLS again.

--force

Forces enabling or disabling TLS, regardless of the cluster's current TLS status.
Data type: BOOLEAN
Default: false
If you do not specify this option, the operation is skipped if the cluster is already in the requested state.

--reload-certificate

When you enable TLS, use this option to regenerate certificates.
Data type: BOOLEAN
Default: false
If you do not specify this option, new certificates are not generated if certificates already exist.

-h, --help

Prints the help information.
Data type: BOOLEAN
Default: false

Output

Execution logs of the tiup-cluster command.

Was this page helpful?

Download PDF Request docs changes Ask the community