You are here

Galera Cluster and SSL encryption

Is Galera Cluster really still using old fashioned SSL encryption instead of TLS as some slides in the web say?

Taxonomy upgrade extras: 

Group communication and IST use SSLv23 mode, which according to documentation in https://www.openssl.org/docs/ssl/SSL_CTX_new.html uses TLS unless cipher suite (specified in socket.ssl_cipher_list) contains SSLv2 cipher suite. Default cipher suite AES128-SHA is extension to TLSv1 (https://www.openssl.org/docs/apps/ciphers.html), so by default Galera is using TLS for encryption.

Shinguzcomment