[MXS-4266] TLS options for create commands overlap with global options Created: 2022-08-30  Updated: 2023-03-06  Resolved: 2022-09-14

Status: Closed
Project: MariaDB MaxScale
Component/s: maxctrl
Affects Version/s: 2.5.21, 6.4.1, 22.08.0
Fix Version/s: 23.02.0

Type: Bug Priority: Major
Reporter: markus makela Assignee: markus makela
Resolution: Fixed Votes: 0
Labels: None

Sprint: MXS-SPRINT-166

 Description   

The TLS options for create commands overlap with the TLS options used to communicate with the MaxScale REST API:

Usage: create server <name> <host|socket> [port] [params...]
 
 
 
Create server options:
 
      --services                     Link the created server to these services  [array]
 
      --monitors                     Link the created server to these monitors  [array]
 
      --protocol                     Protocol module name  [string] [default: "mariadbbackend"]
 
      --authenticator                Authenticator module name (deprecated)  [string]
 
      --authenticator-options        Option string for the authenticator (deprecated)  [string]
 
      --tls                          Enable TLS  [boolean]
 
      --tls-key                      Path to TLS key  [string]
 
      --tls-cert                     Path to TLS certificate  [string]
 
      --tls-ca-cert                  Path to TLS CA certificate  [string]
 
      --tls-version                  TLS version to use  [string]
 
      --tls-cert-verify-depth        TLS certificate verification depth  [number]
 
      --tls-verify-peer-certificate  Enable TLS peer certificate verification  [boolean]
 
      --tls-verify-peer-host         Enable TLS peer host verification  [boolean]
 
 
 
Global Options:
 
  -c, --config     MaxCtrl configuration file  [string] [default: "~/.maxctrl.cnf"]
 
  -u, --user       Username to use  [string] [default: "admin"]
 
  -p, --password   Password for the user. To input the password manually, use -p '' or --password=''  [string] [default: "mariadb"]
 
  -h, --hosts      List of MaxScale hosts. The hosts must be in HOST:PORT format and each value must be separated by a comma.  [string] [default: "127.0.0.1:8989"]
 
  -t, --timeout    Request timeout in plain milliseconds, e.g '-t 1000', or as duration with suffix [h|m|s|ms], e.g. '-t 10s'  [string] [default: "10000"]
 
  -q, --quiet      Silence all output. Ignored while in interactive mode.  [boolean] [default: false]
 
      --tsv        Print tab separated output  [boolean] [default: false]
 
      --skip-sync  Disable configuration synchronization for this command  [boolean] [default: false]
 
 
 
HTTPS/TLS Options:
 
  -s, --secure                  Enable HTTPS requests  [boolean] [default: false]
 
      --tls-key                 Path to TLS key  [string]
 
      --tls-passphrase          Password for the TLS private key  [string]
 
      --tls-cert                Path to TLS certificate  [string]
 
      --tls-ca-cert             Path to TLS CA certificate  [string]
 
  -n, --tls-verify-server-cert  Whether to verify server TLS certificates  [boolean] [default: true]



 Comments   
Comment by markus makela [ 2022-09-08 ]

The redundant create options have now been marked as deprecated in 22.08.

Generated at Thu Feb 08 04:27:24 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.