How to set TLS version on Windows (YaSSL)

Apparently we can't set the TLS version when using YaSSL. I've tested this on Windows, when ssl-cipher=TLSv1.2 is specified the command: SHOW VARIABLES LIKE 'have_ssl'; reports disabled.

According to: https://mariadb.org/state-ssl-mariadb/ this is caused by YaSSL: MySQL used to support TLS 1.0 since 2001. Which means MariaDB supported it from the day one, and never supported weaker SSL 2.0 or SSL 3.0. Since the MariaDB 5.5.41 (released 21 Dec 2014) and MariaDB 10.0.15 (25 Nov 2014) we also support TLS 1.1 and TLS 1.2. For example, you can select only TLS 1.2 ciphers with

ssl-cipher=TLSv1.2

in the my.cnf file. This works only when MariaDB is compiled with OpenSSL, though — that is in all MariaDB packages from MariaDB.org repositories but not in binary tarballs (they are compiled with YaSSL).

My question is, how can we set this when using MariaDB compilled with YaSSL (specifically the Windows X64 version)

Answer Answered by Vladislav Vaintroub in this comment.

YASSL does not support TLS1.2. The best it can do is 1.1. the above applies to openssl only

↑ Data-in-Transit Encryption ↑

Comments

Comments loading...

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.

How to set TLS version on Windows (YaSSL)

Answer Answered by Vladislav Vaintroub in this comment.

Comments

Products

Services

Pricing

Resources

About Us

Download MariaDB