Database handlers connect to backend servers via SSL #50
Comments
izgeri
changed the title
This was referenced Aug 30, 2018
izgeri
added
kind/epic
component/secretless-handlers
and removed
kind/enhancement
component/mysql-handler
labels
izgeri
changed the title
ghost
assigned
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
GIVEN I connect to pg or MySQL via Secretless over TCP or Unix socket
THEN Secretless connects with the pg or MySQL backend by sending an an SSL request before sending the handshake response packet (for MySQL, as described in the MySQL protocol docs)
As part of this update, the disclaimer on the pg/MySQL handler pages on the website should be removed.
Story Breakdown
Parent of A plan exists for updating the database handlers to use SSL for the backend connections #460 - A plan exists for updating the database handlers to use SSL for the backend connections
Parent of Postgres Handler supports TLS defaulting to sslmode=require #533 - Postgres Handler supports TLS defaulting to sslmode=require
Parent of MySQL Handler supports TLS defaulting to sslmode=require #534 - MySQL Handler supports TLS defaulting to sslmode=require
Parent of Modify demos to accommodate default TLS requirements for database handlers #543 - Modify demos to accommodate default TLS requirements for database handlers
Parent of MySql docs explain TLS options clearly #538 - MySql docs explain TLS options clearly
Parent of Postgres docs explain all TLS options clearly #537 - Postgres docs explain all TLS options clearly
Parent of Mysql handler supports sslrootcert and sslmode up to verify-ca #536 - Mysql handler supports sslrootcert and sslmode up to verify-ca
Parent of Postgres handler supports sslrootcert and sslmode up to verify-ca #535 - Postgres handler supports sslrootcert and sslmode up to verify-ca
Planned future work:
Plan
Downstream TLS Support for Database Handlers
The text was updated successfully, but these errors were encountered: