Ubuntu 20.04 requires TLSv1.2 while MariaDB 10.3/YaSSL only supports max TLSv1.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mariadb-10.3 (Ubuntu) |
Won't Fix
|
Medium
|
Otto Kekäläinen | ||
mariadb-10.5 (Ubuntu) |
Fix Released
|
Undecided
|
Otto Kekäläinen |
Bug Description
Mariadb 10.3 as provided by Ubuntu and shipped in LTS is compiled against YaSSL version 2.4.4, which supports a maximum tls version of 1.1 as I understand it. See: https:/
Focal minimum tls requirement is higher, tls v1.2 as discussed here: https:/
As a result, all attempts to use ssl that worked pre-focal now hit a hard failure with such as:
ERROR 2026 (HY000): SSL connection error: The TLS connection was non-properly terminated.
and via libraries:
Unable to open database: SSL connection error: error:1408F10B:SSL routines:
Upstream offers a focal repository, so hopefully this won't be a hard one to merge into standard Ubuntu, since basically without some fix SSL/TLS via mariadb is broken entirely on an LTS version -- and that for 5 years, as they say, needs a close look. I suspect there are other compatibility issues preventing it, but as 'upgrading to focal' killed several web servers -- some sort of pragmatic work-around needs doing.
Until then:
sudo apt-get install software-
sudo apt-key adv --fetch-keys 'https:/
sudo add-apt-repository 'deb [arch=amd64,
Hope this helps someone...
Hello!
If this issue is still relevant, and you have a suggestion how to fix
it, please file a Merge Request on Salsa as a proposal. Thanks!
https:/ /wiki.debian. org/Teams/ MySQL/patches