[Ach] Feedback to applied-crypto-hardening.pdf - Mail Servers - Dovecot+Postfix
Torge Riedel
torgeriedel at gmx.de
Sat Dec 23 12:32:03 CET 2017
Am 22.12.2017 um 14:06 schrieb Sebastian:
>> But I'm not sure whether it should be
>>
>> ssl=1
> The docs do not mention it at all:
> https://dev.mysql.com/doc/refman/5.7/en/using-encrypted-connections.html
> Is it necessary?
> Here is an indicator it might be necessary:
> https://www.thomas-krenn.com/de/wiki/MySQL_Verbindungen_mit_SSL_verschl%C3%BCsseln
Well, the MySQL docs say that option 'ssl' is enabled by default. Since my own server installation docs have a long history, it might be possible that 'ssl' was not enabled by default in earlier versions of MySQL.
IMHO it is better to set this option on your own to offer encrypted connections, instead of relying on default values.
Regards
Torge
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20171223/b50f987d/attachment.html>
More information about the Ach
mailing list