On Tue, 31 Oct 2023 17:45:47 -0400 Nick Lockheart via discuss <[email protected]> wrote:
> Replication master: > Server version: 10.5.21-MariaDB-0+deb11u1-log Debian 11 > > Replication slave: > Server version: 10.5.21-MariaDB-0+deb11u1 Debian 11 > > When `require_secure_transport = on` is enabled on the master, I get: > > "error reconnecting to master '[email protected]:3306' - retry-time: 10 > maximum-retries: 86400 message: Access denied for user > 'user'@'domain.com' (using password: YES)." Could it be that you need to manually enable TLS on the replica using CHANGE MASTER TO MASTER_SSL=1; <https://mariadb.com/kb/en/change-master-to/#tls-options>? Setting up the path to the certificate authority and enabling verification is also a good idea (otherwise it's possible for the ISP to MITM the connection by posing as a MariaDB instance with a different host key). The "Connections using insecure transport are prohibited" error message only has been fixed in MariaDB 11.2; in 10.5.21 it would still be "Access denied for user": https://github.com/MariaDB/server/pull/2581 -- Best regards, Ivan _______________________________________________ discuss mailing list -- [email protected] To unsubscribe send an email to [email protected]
