Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-28302

Feature request: configurable defaults for MASTER_SSL_* settings for CHANGE MASTER

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • None
    • Replication, SSL
    • None

    Description

      When having multiple replication channels (or when changing what primary to replicate from often) and using two-way TLS the client certificate and CA files used as MASTER_SSL_* parameters in CHANGE MASTER TO will usually be the same and not change between connections to different primaries.

      So it may make sense to be able to configure a client certificate to be used for all replication channels in a central place instead of having to add MASTER_SSL_CA, MASTER_SSL_CERT and MASTER_SSL_KEY (and maybe MASTER_SSL_VERIFY_SERVER_CERT, too) again and again each time a CHANGE MASTER TO is done.

      E.g.:

      replication_ssl_ca=...
      		 
      replication_ssl_cert=...
      		 
      replication_ssl_key=...

      and maybe also an explicit MASTER_SSL_USE_DEFAULTS option to CHANGE MASTER to only use such default settings on demand.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MXS-4096 Binlog Routers SHOW SLAVE STATUS does not show SSL information

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Elkin Andrei Elkin
              hholzgra Hartmut Holzgraefe
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.