Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-14101

Provide option to select TLS protocol version

    Details

    • Type: Task
    • Status: Closed (View Workflow)
    • Priority: Blocker
    • Resolution: Fixed
    • Fix Version/s: 10.4.6
    • Component/s: SSL
    • Labels:
      None

      Description

      Currently it's not possible to run MariaDB with a specific TLS protocol, option --ssl_cipher=:TLSv1.2 excludes cipher suites < TLSv1.2, but doesn't set the protocol to TLSv1.2 only.

      Suggestion:

      --tls-version=versions
      

      Valid values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 (OpenSSL only) or a combination (separated by comma) of them.
      If not specified default=TLSv1,TLSv1.1,TLSv1.2, TLSv1.3 will be used for OpenSSL, TLSv1,TLSv1.1 for Yassl.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                georg Georg Richter
                Reporter:
                georg Georg Richter
              • Votes:
                2 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: