Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-6383

Support "allow" SSL-mode in server configuration

    XMLWordPrintable

Details

    • MXS-SPRINT-268

    Description

      Would be nice for consistency with listener configuration. For servers, "ssl=allow" means try with SSL but fall back to unencrypted connections if server does not support SSL.

      In the mariadbbackend protocol code, look at the server capabilities to see if SSL is possible. With ConnectorC-based connections, configure SSL but do not check that the final connection is encrypted.

      Server certificates should not be verified unless the relevant settings are enabled. This is different from how the command line client operates (it verifies by default), but verifying certificates by default could cause issues for existing users with older server versions.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. MXS-5594 Allow encrypted and unencrypted connections on the same listener

          • Major - Major loss of function.
          • Closed

          Activity

            People

              esa.korhonen Esa Korhonen
              esa.korhonen Esa Korhonen
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.