es-gencert-cli
binary and choose Open
. Then, choose Open
again in the warning window. The tool will run once in the terminal window. From that moment on you will be run the tool using the command line. certs
subdirectory. mkdir certs
./es-gencert-cli create-ca -out ./certs/ca
By default, the tool will create the ca
directory in the certs
directory you created earlier and add two files there: ca.crt
and ca.key
. eventstoredb-node
[not provided]
[not provided]
[not provided]
./es-gencert-cli create-node -ca-certificate ./certs/ca/ca.crt -ca-key ./certs/ca/ca.key -out ./certs/node1 -ip-addresses [not provided] -dns-names [not provided]
eventstoredb-node
[not provided]
[not provided]
[not provided]
./es-gencert-cli create-node -ca-certificate ./certs/ca/ca.crt -ca-key ./certs/ca/ca.key -out ./certs/node2 -ip-addresses [not provided] -dns-names [not provided]
eventstoredb-node
[not provided]
[not provided]
[not provided]
./es-gencert-cli create-node -ca-certificate ./certs/ca/ca.crt -ca-key ./certs/ca/ca.key -out ./certs/node3 -ip-addresses [not provided] -dns-names [not provided]
ca.crt
file to each node to /etc/eventstore/certs/ca
. In addition, you need to copy the certificate and the key for each node to the machine of the node. Both files (node.crt
and node.key
) need to be placed in the /etc/eventstore/certs
directory of the server. chmod 600 [file]
Use packagecloud private repository:
curl -s https://packagecloud.io/install/repositories/EventStore/EventStore-OSS/script.deb.sh | sudo bash
sudo apt install eventstore-oss=21.10.6
eventstore
service doesn't start automatically. That's because you need to provide the configuration first, which includes all the necessary options for the EventStoreDB node to work. node.crt
and node.key
files to /etc/eventstore/certs
on each node. /etc/eventstore/certs
on each node. ca.crt
file to /etc/eventstore/certs/ca
on each node. eventstore.conf
using the node configuration from the section below, for each node. /etc/eventstore
directory of the node. sudo systemctl start eventstore
command. EventStore.ClusterNode.exe --config /etc/eventstore\eventstore.conf
---
# Paths
Db: /var/lib/eventstore
Index: /var/lib/eventstore/index
Log: /var/log/eventstore
# Certificates configuration
CertificateFile: /etc/eventstore/certs/node.crt
CertificatePrivateKeyFile: /etc/eventstore/certs/node.key
TrustedRootCertificatesPath: /etc/eventstore/certs/ca
# Network configuration
IntIp: [not provided]
ExtIp: [not provided]
HttpPort: 2113
IntTcpPort: 1112
ExtTcpPort: 1113
EnableExternalTcp: true
EnableAtomPubOverHTTP: true
# Cluster gossip
ClusterSize: 3
DiscoverViaDns: true
ClusterDns: [not provided]
# Projections configuration
RunProjections: All
---
# Paths
Db: /var/lib/eventstore
Index: /var/lib/eventstore/index
Log: /var/log/eventstore
# Certificates configuration
CertificateFile: /etc/eventstore/certs/node.crt
CertificatePrivateKeyFile: /etc/eventstore/certs/node.key
TrustedRootCertificatesPath: /etc/eventstore/certs/ca
# Network configuration
IntIp: [not provided]
ExtIp: [not provided]
HttpPort: 2113
IntTcpPort: 1112
ExtTcpPort: 1113
EnableExternalTcp: true
EnableAtomPubOverHTTP: true
# Cluster gossip
ClusterSize: 3
DiscoverViaDns: true
ClusterDns: [not provided]
# Projections configuration
RunProjections: All
---
# Paths
Db: /var/lib/eventstore
Index: /var/lib/eventstore/index
Log: /var/log/eventstore
# Certificates configuration
CertificateFile: /etc/eventstore/certs/node.crt
CertificatePrivateKeyFile: /etc/eventstore/certs/node.key
TrustedRootCertificatesPath: /etc/eventstore/certs/ca
# Network configuration
IntIp: [not provided]
ExtIp: [not provided]
HttpPort: 2113
IntTcpPort: 1112
ExtTcpPort: 1113
EnableExternalTcp: true
EnableAtomPubOverHTTP: true
# Cluster gossip
ClusterSize: 3
DiscoverViaDns: true
ClusterDns: [not provided]
# Projections configuration
RunProjections: All
Connection string:
esdb+discover://admin:changeit@[not provided]:2113?tls=true
Note:
You either need to add the CA certificate to the trusted CA store of the client machine, or add &tlsVerifyCert=false
to the connection string.