hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1910: Only require ssl_ca_cert for servers

Browse Source 
Servers in MaxScale can encrypt the connections without client keys and
certificates. As keys and certificates are no longer required, the CA
certificate must always be initialized.
This commit is contained in:
Markus Mäkelä
2018-06-09 00:15:48 +03:00
parent c850336199
commit 1e1734f42e
4 changed files with 59 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/modules/routing/debugcli/debugcmd.c
View File

@ -1410,9 +1410,9 @@ static void alterServer(DCB *dcb, SERVER *server, char *v1, char *v2, char *v3,
}
}
if (enable || ssl_key || ssl_cert || ssl_ca)
if (enable || ssl_ca)
{
if (enable && ssl_key && ssl_cert && ssl_ca)
if (enable && ssl_ca)
{
/** We have SSL parameters, try to process them */
if (!runtime_enable_server_ssl(server, ssl_key, ssl_cert, ssl_ca,
@ -1425,7 +1425,7 @@ static void alterServer(DCB *dcb, SERVER *server, char *v1, char *v2, char *v3,
else
{
dcb_printf(dcb, "Error: SSL configuration requires the following parameters:\n"
"ssl=required ssl_key=PATH ssl_cert=PATH ssl_ca_cert=PATH\n");
"ssl=required ssl_ca_cert=PATH\n");
}
}
}