Details
-
Task
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
None
-
None
Description
The documentation for MaxScale's ssl parameter says that it is deprecated to set the parameter to required:
ssl
|
This enables SSL connections when set to true. The parameter takes a boolean value and is disabled by default. The parameter also accepts the special values required and disabled which were the only supported values before MaxScale 2.3.0. The use of required and disabled is deprecated.
|
https://mariadb.com/kb/en/mariadb-maxscale-25-mariadb-maxscale-configuration-guide/#ssl
However, the two TLS configuration examples on the same page set the parameter to the deprecated value.
It uses the deprecated value in the example server configuration:
[server1]
|
type=server
|
address=10.131.24.62
|
port=3306
|
ssl=required
|
ssl_cert=/usr/local/mariadb/maxscale/ssl/crt.max-client.pem
|
ssl_key=/usr/local/mariadb/maxscale/ssl/key.max-client.pem
|
ssl_ca_cert=/usr/local/mariadb/maxscale/ssl/crt.ca.maxscale.pem
|
And it uses the deprecated value in the example listener configuration:
[RW-Split-Listener]
|
type=listener
|
service=RW-Split-Router
|
protocol=MariaDBClient
|
port=3306
|
ssl=required
|
ssl_cert=/usr/local/mariadb/maxscale/ssl/crt.maxscale.pem
|
ssl_key=/usr/local/mariadb/maxscale/ssl/key.csr.maxscale.pem
|
ssl_ca_cert=/usr/local/mariadb/maxscale/ssl/crt.ca.maxscale.pem
|
If the required value is deprecated, then the examples should probably set the ssl parameter to true instead.