diff options
| author | Martins Abele <martins.abele@zabbix.com> | 2020-03-02 15:46:25 +0300 |
|---|---|---|
| committer | Martins Abele <martins.abele@zabbix.com> | 2020-03-02 15:46:25 +0300 |
| commit | 7dc7d819c0aa22d6d76757849a86f9e01ea7a2a3 (patch) | |
| tree | 377df373a1601cbfbe556e6f07c5a609c451895f /conf | |
| parent | d4b9d51a1e95a8f2d1c53c1eda137e8f51549d16 (diff) | |
.......PS. [ZBXNEXT-2753] specified database versions which support added TLS functionality
Diffstat (limited to 'conf')
| -rw-r--r-- | conf/zabbix_proxy.conf | 16 | ||||
| -rw-r--r-- | conf/zabbix_server.conf | 16 |
2 files changed, 24 insertions, 8 deletions
diff --git a/conf/zabbix_proxy.conf b/conf/zabbix_proxy.conf index 06bfa4fbe94..27ff23520a3 100644 --- a/conf/zabbix_proxy.conf +++ b/conf/zabbix_proxy.conf @@ -738,9 +738,17 @@ StatsAllowedIP=127.0.0.1 # TLSPSKFile= ### Option: DBTLSConnect -# Database connection TLS mode -# Possible values: required, verify_ca, verify_full -# Supported only for MySQL and PostgreSQL +# Setting this option enforces connecting to database using TLS. +# Supported option values: +# required - connect with encryption +# verify_ca - connect with encryption and check the certificate chain up to a trusted certificate +# authority (CA) +# verify_full - connect with encryption and also verify that the server host name or IP address +# matches its certificate +# On MySQL starting with 5.7.11 and PostgreSQL following values are supported: "required", "verify_ca" and +# "verify_full". +# On MariaDB starting from version 10.2.6 "required" and "verify_full" are supported. +# By default there are not set any connection options. Behaviour depends on database library compiled in. # # Mandatory: no # Default: @@ -784,7 +792,7 @@ StatsAllowedIP=127.0.0.1 ### Option: DBTLSCipher13 # The list of encryption ciphersuites the client permits for connections that use TLSv1.3 -# Supported only for MySQL +# Supported only for MySQL, starting from version 8.0.16 # # Mandatory no # Default: diff --git a/conf/zabbix_server.conf b/conf/zabbix_server.conf index 069d507c4e2..af07d1bdf1b 100644 --- a/conf/zabbix_server.conf +++ b/conf/zabbix_server.conf @@ -722,9 +722,17 @@ StatsAllowedIP=127.0.0.1 # TLSKeyFile= ### Option: DBTLSConnect -# Database connection TLS mode -# Possible values: required, verify_ca, verify_full -# Supported only for MySQL and PostgreSQL +# Setting this option enforces connecting to database using TLS. +# Supported option values: +# required - connect with encryption +# verify_ca - connect with encryption and check the certificate chain up to a trusted certificate +# authority (CA) +# verify_full - connect with encryption and also verify that the server host name or IP address +# matches its certificate +# On MySQL starting with 5.7.11 and PostgreSQL following values are supported: "required", "verify_ca" and +# "verify_full". +# On MariaDB starting from version 10.2.6 "required" and "verify_full" are supported. +# By default there are not set any connection options. Behaviour depends on database library compiled in. # # Mandatory: no # Default: @@ -768,7 +776,7 @@ StatsAllowedIP=127.0.0.1 ### Option: DBTLSCipher13 # The list of encryption ciphersuites the client permits for connections that use TLSv1.3 -# Supported only for MySQL +# Supported only for MySQL, starting from version 8.0.16 # # Mandatory no # Default: |