[MXS-3051] Added columns for SSL in list sessions Created: 2020-06-26 Updated: 2020-08-31 Resolved: 2020-08-31 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | Core |
| Affects Version/s: | None |
| Fix Version/s: | 2.3.21 |
| Type: | New Feature | Priority: | Major |
| Reporter: | Richard Stracke | Assignee: | markus makela |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | ssl | ||
| Description |
|
To ensure, if a ssl is really ssl encrypted is sometime difficult to see, Add two column where it can be visible, if a session is SSL encrypted. Column names are ssl_client -> show if connection is encrypted between client and maxscale Values in the columns is empty or a concat of ssl-version and cipher. |
| Comments |
| Comment by markus makela [ 2020-06-29 ] |
|
Just showing whether the connection is encrypted isn't probably that valuable. For client connections, the listener from which the connection was created will dictate whether the client-to-maxscale connection is encrypted. For backend connections, the servers must be created with TLS configured. This means that if a server used by a service was configured with it, all connections to it are encrypted. I do agree that showing the SSL version and ciphers would be very valuable for analysis and it would also solve the problem of knowing whether the connection is encrypted. |
| Comment by markus makela [ 2020-08-28 ] |
|
Added the client and backend ciphers to the REST API output and MaxCtrl for sessions. This is a small change as the information is already available at the call site. |