Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31857

enable --ssl-verify-server-cert by default

Details

    Description

      The summary says it all, let's get a secure-by-default connection by enabling --ssl-verify-server-cert by default.

      Attachments

        Issue Links

          blocks

          Task - A task that needs to be done. MDEV-28634 Client's --ssl-* options (without --ssl-verify-server-cert) are silently ignored if TLS is not possible

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-32473 MariaBackup requires disable-ssl-verify-server-cert

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-33430 Command line client error ERROR 2026 (HY000): TLS/SSL error: Server certificate validation failed. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. Error 0x800B0109(CERT_E_UNTRUSTEDROOT)

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MDEV-36500 Passwordless --ssl-verify-server-cert

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. ODBC-421 Certificate verification option should be on by default

          • Major - Major loss of function.
          • Closed
          is blocked by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-31856 use ephemeral ssl certificates

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-33396 main.user_limits fails sporadically with CERT_E_UNTRUSTED_ROOT

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-36663 Semi-sync Replica Can't Kill Dump Thread When Using SSL

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Activity

            Transition Time In Source Status Execution Times
            Sergei Golubchik made transition -
            Open In Progress
            		24d 20h 59m 1
            Sergei Golubchik made transition -
            In Progress Stalled
            		9s 1
            Sergei Golubchik made transition -
            Stalled In Review
            		9d 37m 1
            Oleksandr Byelkin made transition -
            In Review Stalled
            		3d 21h 11m 1
            Sergei Golubchik made transition -
            Stalled In Testing
            		7d 1h 49m 1
            Lena Startseva made transition -
            In Testing Stalled
            		126d 2h 3m 1
            Sergei Golubchik made transition -
            Stalled Closed
            		12d 18h 45m 1

            People

              serg Sergei Golubchik
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.