PDF (A4) - 40.9Mb
Man Pages (TGZ) - 261.1Kb
Man Pages (Zip) - 368.3Kb
Info (Gzip) - 4.1Mb
Info (Zip) - 4.1Mb
Connection interface TLS properties are set at server startup, and can be updated at runtime using theALTER INSTANCE RELOAD TLS statement. SeeServer-Side Runtime Configuration and Monitoring for Encrypted Connections.
Thetls_channel_status table provides information about connection interface TLS properties:
mysql> SELECT * FROM performance_schema.tls_channel_status\G*************************** 1. row *************************** CHANNEL: mysql_mainPROPERTY: Enabled VALUE: Yes*************************** 2. row *************************** CHANNEL: mysql_mainPROPERTY: ssl_accept_renegotiates VALUE: 0*************************** 3. row *************************** CHANNEL: mysql_mainPROPERTY: Ssl_accepts VALUE: 2...*************************** 29. row *************************** CHANNEL: mysql_adminPROPERTY: Enabled VALUE: No*************************** 30. row *************************** CHANNEL: mysql_adminPROPERTY: ssl_accept_renegotiates VALUE: 0*************************** 31. row *************************** CHANNEL: mysql_adminPROPERTY: Ssl_accepts VALUE: 0... Thetls_channel_status table has these columns:
CHANNELThe name of the connection interface to which the TLS property row applies.
mysql_mainandmysql_adminare the channel names for the main and administrative connection interfaces, respectively. For information about the different interfaces, seeSection 7.1.12.1, “Connection Interfaces”.PROPERTYThe TLS property name. The row for the
Enabledproperty indicates overall interface status, where the interface and its status are named in theCHANNELandVALUEcolumns, respectively. Other property names indicate particular TLS properties. These often correspond to the names of TLS-related status variables.VALUEThe TLS property value.
The properties exposed by this table are not fixed and depend on the instrumentation implemented by each channel.
For each channel, the row with aPROPERTY value ofEnabled indicates whether the channel supports encrypted connections, and other channel rows indicate TLS context properties:
For
mysql_main, theEnabledproperty isyesornoto indicate whether the main interface supports encrypted connections. Other channel rows display TLS context properties for the main interface.For the main interface, similar status information can be obtained using these statements:
SHOW GLOBAL STATUS LIKE 'current_tls%';SHOW GLOBAL STATUS LIKE 'ssl%';For
mysql_admin, theEnabledproperty isnoif the administrative interface is not enabled or it is enabled but does not support encrypted connections.Enabledisyesif the interface is enabled and supports encrypted connections.When
Enabledisyes, the othermysql_adminrows indicate channel properties for the administrative interface TLS context only if some nondefault TLS parameter value is configured for that interface. (This is the case if anyadmin_tls_orxxxadmin_ssl_system variable is set to a value different from its default.) Otherwise, the administrative interface uses the same TLS context as the main interface.xxx
Thetls_channel_status table has no indexes.
TRUNCATE TABLE is not permitted for thetls_channel_status table.
PDF (A4) - 40.9Mb
Man Pages (TGZ) - 261.1Kb
Man Pages (Zip) - 368.3Kb
Info (Gzip) - 4.1Mb
Info (Zip) - 4.1Mb