Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Incomplete
-
None
Description
MariaDB 10.4.12
+----------------------------------------------------------------------------------------------------+
|
| CREATE USER for external_user@% |
|
+----------------------------------------------------------------------------------------------------+
|
| CREATE USER 'external_user'@'%' IDENTIFIED BY PASSWORD '*AAD4C8BF6E6FF7F1185C0248DED4E1B674017384' REQUIRE SSL |
|
+----------------------------------------------------------------------------------------------------+
|
i have enabled ssl for the database server and have implemented forced encryption for only 1 account. however they are still able to run un-encrypted transactions using that account. what am i doing missing?
MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE 'tls_version';
|
+---------------+---------+
|
| Variable_name | Value |
|
+---------------+---------+
|
| tls_version | TLSv1.2 |
|
+---------------+---------+
|
1 row in set (0.001 sec)
|
|
MariaDB [(none)]> SHOW VARIABLES LIKE '%SSL%';
|
+---------------------+-------------------------------------+
|
| Variable_name | Value |
|
+---------------------+-------------------------------------+
|
| have_openssl | NO |
|
| have_ssl | YES |
|
| ssl_ca | /opt/app/mysql/data/ca-cert.pem |
|
| ssl_capath | |
|
| ssl_cert | /opt/app/mysql/data/server-cert.pem |
|
| ssl_cipher | |
|
| ssl_crl | |
|
| ssl_crlpath | |
|
| ssl_key | /opt/app/mysql/data/server-key.pem |
|
| version_ssl_library | WolfSSL 4.3.0 |
|
+---------------------+-------------------------------------+
|
10 rows in set (0.001 sec)
|
|
MariaDB [(none)]> ALTER USER 'external_user'@'%' REQUIRE SSL;
|
Query OK, 0 rows affected (0.004 sec)
|
|
MariaDB [(none)]> select user, host, ssl_type, ssl_cipher, x509_issuer, x509_subject from mysql.user where user='external_user';
|
+---------------+------+----------+------------+-------------+--------------+
|
| User | Host | ssl_type | ssl_cipher | x509_issuer | x509_subject |
|
+---------------+------+----------+------------+-------------+--------------+
|
| external_user | % | ANY | | | |
|
+---------------+------+----------+------------+-------------+--------------+
|
1 row in set (0.001 sec)
|
|
MariaDB [(none)]>
|