Uploaded image for project: 'Debezium'
  1. Debezium
  2. DBZ-1208

Support TLS 1.2 for MySQL

    XMLWordPrintable

    Details

      Description

      Default SSL socket factory as created in com.github.shyiko.mysql.binlog.BinaryLogClient enforces TLS v1 as it is configured in no-parametric consutrctor of com.github.shyiko.mysql.binlog.network.DefaultSSLSocketFactory.

      Debezium should

      • provide a configuration parameter that would set the TLS version to be used
      • provide alternative implementation of com.github.shyiko.mysql.binlog.BinaryLogClient.DEFAULT_REQUIRED_SSL_MODE_SOCKET_FACTORY and com.github.shyiko.mysql.binlog.BinaryLogClient.DEFAULT_VERIFY_CA_SSL_MODE_SOCKET_FACTORY that would call a paramtirzed constructor with the requested TLS version
      • use the alternative SSL socket factory via {{com.github.shyiko.mysql.binlog.BinaryLogClient.setSocketFactory(SocketFactory)}

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jpechanec Jiri Pechanec
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: