Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
2.4.9
-
None
Description
When passing a command to maxctrl directly on the command line, communicating with a maxscale instance with admin_ssl_* enabled works fine.
When using interactive mode, any ssl/tls options seem to be ignored though, and maxctrl sends commands in the clear, as can be verified by tracking maxscale system calls with strace, and clearly seeing cleartext "GET /" being received right after a new connection comes in, instead of starting with the TLS handshake ...
So this works fine:
$ maxctrl -s --tls-key=/vagrant/files/ssl/client-key.pem --tls-cert=/vagrant/files/ssl/client-cert.pem --tls-ca-cert=/vagrant/files/ssl/ca-cert.pem list servers
|
┌─────────┬───────────┬──────┬─────────────┬───────┬──────┐
|
│ Server │ Address │ Port │ Connections │ State │ GTID │
|
├─────────┼───────────┼──────┼─────────────┼───────┼──────┤
|
│ server1 │ 10.0.2.15 │ 3306 │ 0 │ Down │ │
|
└─────────┴───────────┴──────┴─────────────┴───────┴──────┘
|
While this doesn't:
$ maxctrl -s --tls-key=/vagrant/files/ssl/client-key.pem --tls-cert=/vagrant/files/ssl/client-cert.pem --tls-ca-cert=/vagrant/files/ssl/ca-cert.pem
|
maxctrl list servers
|
Error: {
|
"code": "ECONNRESET"
|
}
|
maxctrl
|