You are here
Galera Cluster and SSL encryption
Sun, 2014-12-07 14:42 — oli
Is Galera Cluster really still using old fashioned SSL encryption instead of TLS as some slides in the web say?
Taxonomy upgrade extras:
Galera and SSL / TLS
Group communication and IST use SSLv23 mode, which according to documentation in https://www.openssl.org/docs/ssl/SSL_CTX_new.html uses TLS unless cipher suite (specified in socket.ssl_cipher_list) contains SSLv2 cipher suite. Default cipher suite AES128-SHA is extension to TLSv1 (https://www.openssl.org/docs/apps/ciphers.html), so by default Galera is using TLS for encryption.