Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-15511

Use stunnel during rsync SST if available

    XMLWordPrintable

    Details

      Description

      Hi,

      This PR adds the ability to use stunnel during rsync SST, thus encrypting data on the wire.

      You then just have to have stunnel binary available, and the following in server configuration :

      [sst]
      tkey = /etc/mysql/certs/client-key.pem
      tcert = /etc/mysql/certs/client-cert.pem

      1. ca-cert.pem is not needed in configuration but will be used for peer verification
        stunnel will then be used.

      You will also have to be sure your certs dir is hashed :
      openssl rehash /etc/mysql/certs/

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jplindst Jan Lindström
              Reporter:
              svoj Sergey Vojtovich
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: