Details
Description
if the server is started with --ssl but without properly configured certificates, it will advertise the ssl support in the handshake, but will not actually be able to use it. so a client with --ssl will fail to connect with the ssl error (e.g. "sslv3 alert handshake failure" in OpenSSL).
I think the server should not start if it was requested to use ssl, but it cannot actually do it.
Attachments
Issue Links
- causes
-
MDEV-30270 ssl_cipher on Non-SSL system results in confusing SSL error
- Open
-
MDEV-30818 invalid ssl prevents bootstrap
- Closed