MXS-2857: Disable peer verification by default

The fix to the bug where peer certificates were validated but not required
caused the default behavior to change. The default should've changed at
the same time the fix was made.

Documentation/Getting-Started/Configuration-Guide.md

@@ -1871,11 +1871,14 @@ larger than 0.
 
 ### `ssl_verify_peer_certificate`
 
-Peer certificate verification. This functionality is enabled by default.
+Peer certificate verification. This functionality is disabled by default. In
+versions prior to 2.3.17 the feature was enabled by default.
 
-When this feature is enabled, the certificate sent by the peer is verified
-against the configured Certificate Authority. If you are using self-signed
-certificates, set `ssl_verify_peer_certificate=false`.
+When this feature is enabled, the peer must send a certificate. The certificate
+sent by the peer is verified against the configured Certificate Authority to
+make sure the peer is who they claim to be. For listeners, this behaves as if
+`REQUIRE X509` was defined for all users. For servers, this behaves like the
+`--ssl-verify-server-cert` command line option for the `mysql` client.
 
 #### Example SSL enabled server configuration
 

server/core/config.cc

@@ -342,7 +342,7 @@ const MXS_MODULE_PARAM config_listener_params[] =
      MXS_MODULE_OPT_ENUM_UNIQUE,
      ssl_version_values},
     {CN_SSL_CERT_VERIFY_DEPTH,       MXS_MODULE_PARAM_COUNT,   "9"},
-    {CN_SSL_VERIFY_PEER_CERTIFICATE, MXS_MODULE_PARAM_BOOL,    "true"},
+    {CN_SSL_VERIFY_PEER_CERTIFICATE, MXS_MODULE_PARAM_BOOL,    "false"},
     {NULL}
 };
 
@@ -421,7 +421,7 @@ const MXS_MODULE_PARAM config_server_params[] =
      MXS_MODULE_OPT_ENUM_UNIQUE,
      ssl_version_values},
     {CN_SSL_CERT_VERIFY_DEPTH,       MXS_MODULE_PARAM_COUNT,  "9"},
-    {CN_SSL_VERIFY_PEER_CERTIFICATE, MXS_MODULE_PARAM_BOOL,   "true"},
+    {CN_SSL_VERIFY_PEER_CERTIFICATE, MXS_MODULE_PARAM_BOOL,   "false"},
     {CN_DISK_SPACE_THRESHOLD,        MXS_MODULE_PARAM_STRING},
     {NULL}
 };