Details
Major Description
Maxctrl doesn't appear to use the option --tls-verify-server-cert=false in interactive mode:
Non-interactive verifying cert (normal error):
[root@608677d6a0ca /]# maxctrl list servers --secure --tls-ca-cert=/etc/ssl/mycerts/ca.crt --tls-cert=/etc/ssl/mycer
|
ts/server.crt --tls-key=/etc/ssl/mycerts/server.key
|
Error: Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the cert's list:
|
Non-interactive without verifying cert:
[root@608677d6a0ca /]# maxctrl list servers --secure --tls-ca-cert=/etc/ssl/mycerts/ca.crt --tls-cert=/etc/ssl/mycerts/server.crt --tls-key=/etc/ssl/mycerts/server.key --tls-verify-server-cert=false
|
┌─────────┬──────────┬──────┬─────────────┬─────────────────┬───────────┬──────────┐
|
│ Server │ Address │ Port │ Connections │ State │ GTID │ Monitor │
|
├─────────┼──────────┼──────┼─────────────┼─────────────────┼───────────┼──────────┤
|
│ server1 │ mariadb1 │ 3306 │ 0 │ Master, Running │ 0-5-54416 │ monitor1 │
|
├─────────┼──────────┼──────┼─────────────┼─────────────────┼───────────┼──────────┤
|
│ server2 │ mariadb2 │ 3306 │ 0 │ Slave, Running │ 0-5-54416 │ monitor1 │
|
└─────────┴──────────┴──────┴─────────────┴─────────────────┴───────────┴──────────┘
|
Interactive verifying cert (normal error):
[root@608677d6a0ca /]# maxctrl --secure --tls-ca-cert=/etc/ssl/mycerts/ca.crt --tls-cert=/etc/ssl/mycerts/server.crt --tls-key=/etc/ssl/mycerts/server.key
|
maxctrl list servers
|
Error: Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the cert's list:
|
Interactive without verifying cert:
[root@608677d6a0ca /]# maxctrl --secure --tls-ca-cert=/etc/ssl/mycerts/ca.crt --tls-cert=/etc/ssl/mycerts/server.crt
|
--tls-key=/etc/ssl/mycerts/server.key --tls-verify-server-cert=false
|
maxctrl list servers
|
Error: Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the cert's list:
|