Details
-
Task
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
2.3.13, 2.4.2
-
None
Description
OpenSSL 1.1.1 and later supports TLSv1.3. See here:
https://wiki.openssl.org/index.php/TLS1.3
This version of OpenSSL and its support for TLSv1.3 are included in RHEL 8 and Ubuntu 18.04. See here:
https://www.redhat.com/en/blog/transport-layer-security-version-13-red-hat-enterprise-linux-8
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386
Based on the documentation and the source code, it appears that MaxScale only supports up to TLSv1.2 at the moment:
https://mariadb.com/kb/en/mariadb-maxscale-24-mariadb-maxscale-configuration-guide/#ssl_version
https://github.com/mariadb-corporation/MaxScale/blob/maxscale-2.4.3/server/core/ssl.cc#L41
We should make sure that MaxScale supports TLSv1.3 when it is built with OpenSSL 1.1.1 or later.
Attachments
Issue Links
- relates to
-
MXS-2760 ssl_version value conversion is wrong
- Closed