[MDEV-19475] Add support for OpenSSL configuration files - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Won't Fix
Fix Version/s: N/A
Component/s: SSL
Labels:
None

Description

OpenSSL allows applications to load OpenSSL configuration files:

https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_config.html

https://www.openssl.org/docs/man1.1.1/man3/CONF_modules_load_file.html

https://www.openssl.org/docs/man1.1.1/man5/config.html

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using_openssl#sec-Configuring_OpenSSL

There could be some benefits to changing MariaDB server, so that it supports the ability to load an OpenSSL configuration file.

For example, since ~~MDEV-14101~~ is not implemented, the server can't currently be restricted to a specific TLS protocol version. An OpenSSL configuration file would allow users a way to work around that.

It also allows users the ability to configure algorithms used by OpenSSL.

Attachments

Issue Links

relates to

MDEV-14101 Provide option to select TLS protocol version

Closed

MDEV-20170 main.tls_version and main.tls_version1 fail in buildbot on RHEL8

Closed

MDEV-20260 Port the ssl_fips_mode system variable from MySQL

Closed

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Geoff Montee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2019-05-15 00:04

Updated:: 2020-05-12 07:21

Resolved:: 2020-05-12 07:20

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.