Using HTTPS with Self-Signed Certificates
Using self-signed certificates is not recommended for production deployment as it is less secure, but it can be useful when testing a deployment. When using this mode, the data will be encrypted over the wire, but the certificate will not be validated.
If you do not specify a key and a certificate in the TLS_KEY and TLS_CERT properties, grb_rs and grb_rsm will generate them for you at startup. You can also specify your own self-signed certificate using TLS_KEY and TLS_CERT properties.
To use a self-signed certificate, you will need to activate insecure mode by setting the following property for grb_rs:
At the same time, similar properties must be set for grb_rsm:
When using grbcluster, you will also need to activate this mode by using the —tls-insecure flag with the login command.
> grbcluster login --manager=https://mymanager:61080 --username=sysadmin --tls-insecure info : Using client license file '/Users/jones/gurobi.lic' Password for sysadmin: info : User gurobi connected to https://mymanager:61080, session will expire on...
When using other clients such as gurobi_cl, grbtune, you can set the GRB_TLS_INSECURE environment variable. In the programming language APIs, there is also a CSTLSINSECURE parameter.