Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-23604

ECDHE Ciphersuites not negociated by MariaDB

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 10.3.13
    • Fix Version/s: N/A
    • Component/s: Configuration
    • Labels:
    • Environment:
      Red Hat Enterprise Linux Server release 7.6 (Maipo)

      Description

      Hello.
      During the TLS handshake, several clients present ECDHE ciphers during the "Hello client" step. However, the MariaDB server never seems to negotiate the ECDHE (Elliptic Curve Diffie-Hellman) ciphers, even if there is no restriction in the ssl-cipher parameter in [mysqld].
      I have the impression that something must be wrong somewhere.

      By the way, wouldn't it be a better choice to make MariaDB server choose his favorite cipher ? (see SSLHonorCipherOrder parameter, available in Apache) ?

      Thanks

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            Micada Micada
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration