--ssl-cipher
This page is part of MariaDB's Documentation.
The parent of this page is: mariadb-shell for MariaDB Shell
Topics on this page:
Overview
TLS cipher
See also: mariadb-shell for MariaDB Shell, in 23.02, in 23.01, in 22.12, and in 22.10
USAGE
mariadb-shell [--ssl-cipher <TLS_cipher_list>]
DETAILS
Option | Default Behavior | Argument |
---|---|---|
| TLS is not used by default | A cipher list that enables and disables ciphers and cipher suites for TLS |
EXAMPLES
The --ssl-cipher
command-line option accepts a cipher list.
If OpenSSL is installed, the openssl ciphers
command can be used to show available ciphers and cipher suites and can be used to construct a cipher list:
$ openssl ciphers -s -tls1_3 -tls1_2
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA
To connect to a host with TLS using the cipher list returned by the above command:
$ mariadb-shell \
--host host.example.com \
--user user_name \
--password 'user_password' \
--ssl-ca /etc/ssl/mariadb/ca.pem \
--ssl-cipher "$(openssl ciphers -s -tls1_3 -tls1_2)"
CHANGE HISTORY
Release Series | History |
---|---|
23.03 |
|
23.02 |
|
23.01 |
|
22.12 |
|
22.10 |
|