Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-34263

Host verification for gmcast.listen_addr (wsrep_provider_options)

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • None
    • Galera
    • None

    Description

      Customer states:
      "TLS is not only a way to encrypt communication, it also authenticates the server to the client, which checks that the certificate presented is fully valid for the hostname used (right CN/SAN, and the current date inside the period of validity). This matters for us as per our compliance requirements, both internal and external like PCI-DSS, all communications have to be protected. We can't have nodes sending sensitive data if somebody managed to have a rogue server up and running on the same IP address."

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. MDEV-37338 Let Galera check ISSUER / SUBJECT of certificates of other nodes

          • Major - Major loss of function.
          • Open

          Activity

            People

              janlindstrom Jan Lindström
              edward Edward Stoever
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.