aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/ca-certs.yaml
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2017-05-03 12:56:17 +0300
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2017-05-03 11:53:47 +0000
commitbe4bc8f3f243b3282010848cc00f31d31c9f9ab8 (patch)
tree61c3921bf7263751737bcf8bbb979acf846a06e0 /puppet/services/ca-certs.yaml
parent9697f70dcbbb30882bf8cb90f9dd0bcfc35f087f (diff)
Internal TLS: Use specific CA file for mysql-client
Instead of using the CA bundle, this sets the mysql client configuration file to use a specific file for validating the certificate of the database server. This helps in two ways: * Improves performance since validation will check only one certificate. * Improves security since we're only the certificates signed by one CA are valid, instead of any certificate that the system trusts (which could include potentially compromised public certs). Change-Id: I46f7cb6da73715f8f331337e0161418450d5afd7 Depends-On: I75bdaf71d88d169e64687a180cb13c1f63418a0f
Diffstat (limited to 'puppet/services/ca-certs.yaml')
0 files changed, 0 insertions, 0 deletions