1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
|
#
# fips support.
#
##Test: Default server fips mode.
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: Restart server and provide ssl-fips-mode at server startup:
Server fips mode:
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: Restart server and provide ssl-fips-mode at server startup: ON
Server fips mode:
Variable_name Value
ssl_fips_mode ON
MD5 digest:
md5(8)
00000000000000000000000000000000
Level Code Message
Warning 4073 SSL fips mode error: FIPS mode ON/STRICT: MD5 digest is not supported.
##Test: Restart server and provide ssl-fips-mode at server startup: ON with skip ssl
Server fips mode:
Variable_name Value
ssl_fips_mode ON
MD5 digest:
md5(8)
00000000000000000000000000000000
Level Code Message
Warning 4073 SSL fips mode error: FIPS mode ON/STRICT: MD5 digest is not supported.
##Test: Restart server and provide ssl-fips-mode at server startup: STRICT
Server fips mode:
Variable_name Value
ssl_fips_mode STRICT
MD5 digest:
md5(8)
00000000000000000000000000000000
Level Code Message
Warning 4073 SSL fips mode error: FIPS mode ON/STRICT: MD5 digest is not supported.
##Test: Restart server and provide weak cipher CAMELLIA256-SHA
client will only able to connect with only FIPS mode OFF
Variable_name Value
ssl_fips_mode OFF
Variable_name Value
ssl_fips_mode OFF
mysqld is alive
WARNING: MYSQL_OPT_SSL_FIPS_MODE is deprecated and will be removed in a future version.
mysqladmin: connect to server at '127.0.0.1' failed
error: 'SSL connection error: Failed to set ciphers to use'
WARNING: MYSQL_OPT_SSL_FIPS_MODE is deprecated and will be removed in a future version.
mysqladmin: connect to server at '127.0.0.1' failed
error: 'SSL connection error: Failed to set ciphers to use'
# restart server using restart default values
Restart server.
##Test: MySQL client, Set fips mode: Default
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: MySQL client, Set fips mode: OFF
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: MySQL client, Set fips mode: ON
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: MySQL client, Set fips mode: STRICT
Variable_name Value
ssl_fips_mode OFF
MD5 digest:
md5(8)
c9f0f895fb98ab9159f51fd0297e236d
##Test: MySQL client, Set fips mode: INVALID
|