Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-28302

Feature request: configurable defaults for MASTER_SSL_* settings for CHANGE MASTER

    XMLWordPrintable

Details

    • Q2/2025 Development, Q3/2025 Server Development

    Description

      When having multiple replication channels (or when changing what primary to replicate from often) and using two-way TLS the client certificate and CA files used as MASTER_SSL_* parameters in CHANGE MASTER TO will usually be the same and not change between connections to different primaries.

      So it may make sense to be able to configure a client certificate to be used for all replication channels in a central place instead of having to add MASTER_SSL_CA, MASTER_SSL_CERT and MASTER_SSL_KEY (and maybe MASTER_SSL_VERIFY_SERVER_CERT, too) again and again each time a CHANGE MASTER TO is done.

      E.g.:

      replication_ssl_ca=...
      		 
      replication_ssl_cert=...
      		 
      replication_ssl_key=...

      and maybe also an explicit MASTER_SSL_USE_DEFAULTS option to CHANGE MASTER to only use such default settings on demand.

      Attachments

        Issue Links

          includes

          New Feature - A new feature of the product, which has yet to be developed. MDEV-37362 Save the set/unset state of CHANGE MASTER configurations

          • Major - Major loss of function.
          • Stalled
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-35584 11.4 relpica can't replicate form 10.6 master not configured for SSL using CHANGE MASTER default settings

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MDEV-37530 Refactor Master & Relay Log info to iterable tuples

          • Major - Major loss of function.
          • Open

          Task - A task that needs to be done. MDEV-36141 Master & Relay Log Info: expand init_intvar_from_file from atoi to atoll

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. MXS-4096 Binlog Routers SHOW SLAVE STATUS does not show SSL information

          • Major - Major loss of function.
          • Closed
          split to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-36841 No ER_SLAVE_HEARTBEAT_VALUE_OUT_OF_RANGE_MAX warning when setting @@GLOBAL.slave_net_timeout to below CHANGE MASTER’s master_heartbeat_period

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              ParadoxV5 Jimmy Hú
              hholzgra Hartmut Holzgraefe
              Jimmy Hú Jimmy Hú
              Andrei Elkin Andrei Elkin
              Susil Behera Susil Behera
              Votes:
              1 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.