[MDEV-34263] Host verification for gmcast.listen_addr (wsrep_provider_options) - Jira

XML

Word

Printable

Details

Type: New Feature
Status: Needs Feedback (View Workflow)
Priority: Major
Resolution: Unresolved
Fix Version/s: None
Component/s: Galera
Labels:
None

Description

Customer states:
"TLS is not only a way to encrypt communication, it also authenticates the server to the client, which checks that the certificate presented is fully valid for the hostname used (right CN/SAN, and the current date inside the period of validity). This matters for us as per our compliance requirements, both internal and external like PCI-DSS, all communications have to be protected. We can't have nodes sending sensitive data if somebody managed to have a rogue server up and running on the same IP address."

Attachments

Activity

People

Assignee:: Edward Stoever

Reporter:: Edward Stoever

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2024-05-29 22:39

Updated:: 2024-08-14 04:59

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.