This is a read-only copy of the MariaDB Knowledgebase generated on 2024-11-16. For the latest, interactive version please visit https://mariadb.com/kb/.

how to see cipher suites allowed in Mariabd server for client.

Hello, Currently, we have a tool that has an issue connecting with our Mariadb server when the below setting is on. "require_secure_transport=ON" with TLS1.2, TLS1.3

the error I would get is Exception Devart.Data.Universal.UniException: Access denied for user 'user'@'ip' (using password: YES) Client driver error: Exception Devart.Data.MySql.MySqlException: Access denied for user 'user'@'ip' (using password: YES)

my theory is the client tool is sending a cipher suite that is not supported on MariaDB, I need to check what cipher suites are MariaDB server is accepting to narrow down the issue and send it to support. Does anyone know the command to check all the cipher suits that MariaDB is accepting? I am not a DBadmin and already google but have found anything helpful. I know there is a command to show the cipher after the user is logged in but that doesn't help since I can't even be logged in.

note: when "require_secure_transport=ON" is remove i have no issue with connection.

Thank you in advance for any guidance.

Answer Answered by Daniel Black in this comment.

I'd suggest by looking at openssl s_client -starttls mysql .....

See man openssl-s_client for the options.

The other way is to look at the application connection with wireshark and it shows the protocol negotiation of the application.

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.