Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-4096

Binlog Routers SHOW SLAVE STATUS does not show SSL information

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.5.19, 6.1.4, 6.2.4
    • Fix Version/s: 2.5.20, 6.3.1
    • Component/s: binlogrouter
    • Labels:
      None
    • Sprint:
      MXS-SPRINT-156

      Description

      When setting up a regular slave and a binlog router for encrypted replication with:

      CHANGE MASTER TO MASTER_HOST='master', 
                       MASTER_USER='repl', 
                       MASTER_PASSWORD='secret', 
                       MASTER_USE_GTID=SLAVE_POS, 
                       MASTER_SSL=1, 
                       MASTER_SSL_CA='/vagrant/ssl/ca-cert.pem', 
                       MASTER_SSL_CERT='/vagrant/ssl/maxscale-cert.pem', 
                       MASTER_SSL_KEY='/vagrant/ssl/maxscale-key.pem' ;
      

      I can verify that both are indeed using encryption:

      SELECT thread_id, name, processlist_host, connection_type 
        FROM threads 
       WHERE processlist_command ="Binlog Dump";
      +-----------+---------------------------+------------------+-----------------+
      | thread_id | name                      | processlist_host | connection_type |
      +-----------+---------------------------+------------------+-----------------+
      |        62 | thread/sql/one_connection | slave-1          | SSL/TLS         |
      |        72 | thread/sql/one_connection | maxscale         | SSL/TLS         |
      +-----------+---------------------------+------------------+-----------------+
      

      The regular slave correctly shows that TLS is used:

      MariaDB [(none)]> SHOW SLAVE STATUS\G
      *************************** 1. row ***************************
      [...]
                        Slave_IO_Running: Yes
                   Slave_SQL_Running: Yes
      [...]
             Master_SSL_Allowed: Yes
                  Master_SSL_CA_File: /vagrant/ssl/ca-cert.pem
                  Master_SSL_CA_Path: 
                     Master_SSL_Cert: /vagrant/ssl/maxscale-cert.pem
                   Master_SSL_Cipher: 
                      Master_SSL_Key: /vagrant/ssl/maxscale-key.pem
       Master_SSL_Verify_Server_Cert: No
                      Master_SSL_Crl: /vagrant/ssl/ca-cert.pem
                  Master_SSL_Crlpath: 
      [...]
      

      Not so when running SHOW SLAVE STATUS via the Maxscale binlog router though, here nothing is shown in Master_SSL_... fields:

      MariaDB [(none)]> show slave status \G
      *************************** 1. row ***************************
      [...]
                    Slave_IO_Running: Yes
                   Slave_SQL_Running: Yes
      [...]
                  Master_SSL_Allowed: No
                  Master_SSL_CA_File: 
                  Master_SSL_CA_Path: 
                     Master_SSL_Cert: 
                   Master_SSL_Cipher: 
                      Master_SSL_Key: 
       Master_SSL_Verify_Server_Cert: No
                      Master_SSL_Crl: 
                  Master_SSL_Crlpath: 
      [...]
      

        Attachments

          Activity

            People

            Assignee:
            markus makela markus makela
            Reporter:
            hholzgra Hartmut Holzgraefe
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.