Install the ClickHouse® client

This page explains how to install the ClickHouse client to interact with your custer. You can use the method that best suites your needs.

  1. Open your terminal.

  2. (Optional) Start Docker if needed:

    sudo service docker start

  3. Pull the clickhouse-client Docker image:

    docker pull clickhouse/clickhouse-client

  1. Open your terminal.

  2. Connect to the ClickHouse® official DEB repository from your Linux system:

    sudo apt update && sudo apt install -y apt-transport-https ca-certificates dirmngr && \
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8919F6BD2B48D754 && \
echo "deb https://packages.clickhouse.com/deb stable main" | sudo tee \
/etc/apt/sources.list.d/clickhouse.list

  3. Refresh the package list and install the clickhouse-client :

    sudo apt update && sudo apt install -y clickhouse-client

  1. Open your terminal.

  2. Connect to a ClickHouse® official RPM repository from your Linux system:

    sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://packages.clickhouse.com/rpm/clickhouse.repo

  3. Install the clickhouse-client :

    sudo yum install -y clickhouse-client

Warning

If you run a RedHat 7-based Linux distribution, including Cent OS 7, Oracle Linux 7 and others, you need to download and install trusted certificates and manually add the path to them in the clickhouse-client configuration file as follows:

  1. Install the root certificate:

    curl https://letsencrypt.org/certs/isrg-root-x2-cross-signed.pem > \ 
/etc/pki/ca-trust/source/anchors/isrg-root-x2-cross-signed.pem

  2. Install the intermediate certificate:

    curl https://letsencrypt.org/certs/lets-encrypt-r3-cross-signed.pem > \
/etc/pki/ca-trust/source/anchors/lets-encrypt-r3-cross-signed.pem

  3. Update the list of trusted certificates:

    sudo update-ca-trust

  4. Locate your clickhouse-client configuration file (by default, you can find it at /etc/clickhouse-client/config.xml) and add the path to the certificates into the <openSSL> section:

    <client> <!-- Used for connection to server's secure tcp port -->
   <loadDefaultCAFile>true</loadDefaultCAFile>
   <cacheSessions>true</cacheSessions>
   <disableProtocols>sslv2,sslv3</disableProtocols>
   <preferServerCiphers>true</preferServerCiphers>
   <caConfig>/etc/ssl/certs/ca-bundle.crt</caConfig>
   <!-- Use for self-signed: <verificationMode>none</verificationMode> -->
   <invalidCertificateHandler>
   <!-- Use for self-signed: <name>AcceptCertificateHandler</name> -->
   <name>RejectCertificateHandler</name>
   </invalidCertificateHandler>
</client>
Previous
Configure cluster maintenance
Next
Connect to a cluster