Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-4102

Support for passphrase protected certificate keys

    XMLWordPrintable

Details

    • New Feature
    • Status: Open (View Workflow)
    • Minor
    • Resolution: Unresolved
    • None
    • Icebox
    • None
    • None

    Description

      Maxscale should support TLS certificates with password / passphrase protected keys.

      I haven't tested how it would deal with such keys, but I assume it would "suffer" from the same TLS library default behavior as the MariaDB server and would try to prompt the user for passwords / passphrases, so breaking automated service startups when faced with such keys.

      What makes things more complicated here is that unlike the server Maxscale does not only have to deal with a single certificate, but can have different certificates per server, listener, and for the REST API. Also the same key may be used in multiple places.

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. MDEV-14091 Support for passphrase protected keys

          • Major - Major loss of function.
          • Open

          Activity

            People

              toddstoffel Todd Stoffel
              hholzgra Hartmut Holzgraefe
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.