./dgraph live --tls “ca-cert=/mnt/dgraph/tls/ca.crt; client-cert=/mnt/dgraph/tls/client.dgraphuser.crt; client-key=/mnt/dgraph/tls/client.dgraphuser.key; server-name=192.168.15.128; internal-port=true” -f dgraph.r75366.u0103.1046/g01.rdf.gz -s dgraph.r75366.u0103.1046/g01.schema.gz
You still need to specify the alpha location (it’s defaulting to 127.0.0.1)
Maybe -a 192.168.15.128:9080?
How is Dgraph deployed? The reason I ask is that if Dgraph is deployed on Kubernetes, I would highly recommend something like a service mesh to encrypt the traffic, as mTLS will automatically be configured through automation. With this, manually configuring this is complex. If you are doing mutual TLS, then the client’s IP (or FQDN) needs to be added in the configuration of the client cert on the server that will be used to auth the client, as well as the server cert on the client to auth the server.
When doing this manually, it may be easier to configure this from a configuration file, rather than specifying these in the command line. I created some helper scripts (for use with helm chart composed configuration) that can drop hints on this process (requires GNU tools like getopt on macOS)