Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-5637

ssl_ciphers-setting does not affect TLSv1.3 ciphers

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Fixed
    • 22.08.18, 23.02.15, 23.08.11, 24.02.7, 25.01.4, 25.10.0
    • 25.01.5, 25.10.1
    • Core, Documentation
    • None
    • MXS-CAPACITY-25-4

    Description

      MariaDB has had the ability to select TLSv1.3 ciphers since 10.3.8 (MDEV-15596) yet it is undocumented.

      MaxScale should have the same functionality for ssl_cipher in Servers and Listener configs using the OpenSSL function SSL_CTX_set_ciphersuites().

      Note that MDEV-34869 tracks an issue when mixing both TLSv1.2 and TLSv1.3 ciphers which might be useful information.

      Attachments

        Activity

          People

            allen.herrera Allen Herrera
            Ali.maria Alasdair Haswell
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.