diff --git a/Documentation/Getting-Started/Configuration-Guide.md b/Documentation/Getting-Started/Configuration-Guide.md
index 11ddc9d0d..3b58e6475 100644
--- a/Documentation/Getting-Started/Configuration-Guide.md
+++ b/Documentation/Getting-Started/Configuration-Guide.md
@@ -2064,11 +2064,14 @@ larger than 0.
 
 ### `ssl_verify_peer_certificate`
 
-Peer certificate verification. This functionality is enabled by default.
+Peer certificate verification. This functionality is disabled by default. In
+versions prior to 2.3.17 the feature was enabled by default.
 
-When this feature is enabled, the certificate sent by the peer is verified
-against the configured Certificate Authority. If you are using self-signed
-certificates, set `ssl_verify_peer_certificate=false`.
+When this feature is enabled, the peer must send a certificate. The certificate
+sent by the peer is verified against the configured Certificate Authority to
+make sure the peer is who they claim to be. For listeners, this behaves as if
+`REQUIRE X509` was defined for all users. For servers, this behaves like the
+`--ssl-verify-server-cert` command line option for the `mysql` client.
 
 #### Example SSL enabled server configuration
 
diff --git a/connectors/cdc-connector/cdc_connector.cpp b/connectors/cdc-connector/cdc_connector.cpp
index 05dd04da0..11b530a3c 100644
--- a/connectors/cdc-connector/cdc_connector.cpp
+++ b/connectors/cdc-connector/cdc_connector.cpp
@@ -170,7 +170,7 @@ void Closer<int>::close(int fd)
 namespace CDC
 {
 
-const char* const TIMEOUT  = "Request timed out";
+const char* const TIMEOUT = "Request timed out";
 
 /**
  * Public functions
@@ -449,21 +449,36 @@ SRow Connection::read()
     SRow rval;
     std::string row;
 
-    if (read_row(row))
+    while (true)
     {
-        json_error_t err;
-        json_t* js = json_loads(row.c_str(), JSON_ALLOW_NUL, &err);
+        if (read_row(row))
+        {
+            json_error_t err;
+            json_t* js = json_loads(row.c_str(), JSON_ALLOW_NUL, &err);
 
-        if (js)
-        {
-            rval = process_row(js);
-            json_decref(js);
-        }
-        else
-        {
-            m_error = "Failed to parse JSON: ";
-            m_error += err.text;
+            if (js)
+            {
+                if (is_schema(js))
+                {
+                    m_schema = row;
+                    process_schema(js);
+                    json_decref(js);
+                    continue;
+                }
+                else
+                {
+                    rval = process_row(js);
+                    json_decref(js);
+                }
+            }
+            else
+            {
+                m_error = "Failed to parse JSON: ";
+                m_error += err.text;
+            }
         }
+
+        break;
     }
 
     return rval;
diff --git a/server/core/config.cc b/server/core/config.cc
index c418a4846..0c07fbeeb 100644
--- a/server/core/config.cc
+++ b/server/core/config.cc
@@ -488,7 +488,7 @@ const MXS_MODULE_PARAM config_listener_params[] =
     {
         CN_SSL_VERIFY_PEER_CERTIFICATE,
         MXS_MODULE_PARAM_BOOL,
-        "true"
+        "false"
     },
     {NULL}
 };
@@ -702,7 +702,7 @@ const MXS_MODULE_PARAM config_server_params[] =
     {
         CN_SSL_VERIFY_PEER_CERTIFICATE,
         MXS_MODULE_PARAM_BOOL,
-        "true"
+        "false"
     },
     {
         CN_DISK_SPACE_THRESHOLD,