Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-16219

mariadb ssl_rsa_setup maintenance tool with galera option would accelerate tls deployment on galera cluster

    XMLWordPrintable

Details

    Description

      mariadb ssl_rsa_setup maintenance tool with galera option would accelerate tls deployment on galera cluster

      mariadb is supporting tls encryption in client - server channels
      as well in mariadb galera cluster.
      Deployment of ssl however requires more steps and it would be useful to have
      mariadb_ssl_rsa_setup tool to accelerate it and avoid miss configuration errors.

      tool may generate client and server certification files and keys
      export them optionally to the server or cluster nodes /etc/mysql/certification dir(s)
      with appropriate ownership and permissions
      and prepare optionally server or cluster nodes configuration files .

      [root@t4w5 ~]# ls -l /etc/ | grep mysql
      drwxr-xr-x   3 mysql mysql      16 May 11 13:51 mysql
      [root@t4w5 ~]# ls /etc/mysql/cc
      client.crt  client.key  client.pem  server.crt  server.key  server.pem
       

      galera node server.cnf

      [mysqld]
       
      #ssl-ca=/etc/mysql/cc/server.crt
      #ssl-key=/etc/mysql/cc/server.key
      #ssl-cert=/etc/mysql/cc/server.pem
       
       
       
      [client]
       
      #ssl-ca=/etc/mysql/cc/client.crt
      #ssl-key=/etc/mysql/cc/client.key
      #ssl-cert=/etc/mysql/cc/client.pem
       
       
       

      [mysqld]
       
      ssl-ca=/etc/mysql/cc/server.crt
      ssl-key=/etc/mysql/cc/server.key
      ssl-cert=/etc/mysql/cc/server.pem
       
       
       
      [client]
       
      ssl-ca=/etc/mysql/cc/client.crt
      ssl-key=/etc/mysql/cc/client.key
      ssl-cert=/etc/mysql/cc/client.pem
       
       
       

      Attachments

        Issue Links

          Activity

            People

              seppo Seppo Jaakola
              winstone Zdravelina Sokolovska (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.