From cb96725a515ee7a08e3545555ed4b2a3b07bfa9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Mon, 17 Feb 2020 20:11:28 +0200 Subject: [PATCH] MXS-2382: Add TLS setup into server tutorial Given the recent fixes to the TLS configuration, the process of enabling TLS is rather simple. --- Documentation/Tutorials/Configuring-Servers.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Documentation/Tutorials/Configuring-Servers.md b/Documentation/Tutorials/Configuring-Servers.md index 8c7f8c06c..0f9ddd16d 100644 --- a/Documentation/Tutorials/Configuring-Servers.md +++ b/Documentation/Tutorials/Configuring-Servers.md @@ -25,3 +25,16 @@ protocol=MariaDBBackend The `address` and `port` parameters tell where the server is located. The `protocol` should always be set to `MariaDBBackend`. + +## Enabling TLS + +To enable encryption for the MaxScale-to-MariaDB communication, add `ssl=true` +to the server section. To enable server certificate verification, add +`ssl_verify_peer_certificate=true`. + +The `ssl` and `ssl_verify_peer_certificate` parameters are similar to the +`--ssl` and `--ssl-verify-server-cert` options of the `mysql` command line +client. + +For more information about TLS, refer to the +[Configuration Guide](../Getting-Started/Configuration-Guide.md).