Percona MySQL Operator for XtraDB clusters - Ability to use our own internal SSL certificates for MySQL S3 backups

MySQL & MariaDB Percona Operator for MySQL
1

Hi everyone,

We’re currently using the latest version of the Percona MySQL Operator for XtraDB clusters. Our MySQL clusters are being backed up to our own on-premises S3 storage environment, by using the S3 backup options in the operator. This is working well :slight_smile:

Since our on-premises S3 storage environment is using our company-trusted internal SSL certificates, we have to use the option verifyTLS: false in order to connect to the backup storage (using HTTPS).

We would like to enhance the security of our database backup environment, by setting verifyTLS: true in our MySQL backup configuration. This reduces the risk of spoofing and man-in-the-middle attacks.

Is it possible to somehow add our company-trusted internal SSL certificates to the backup configuration, preferably by using the MySQL operator?

If this isn’t possible at the moment, should I create a JIRA ticket for the development team?

Thanks in advance!

Kind regards,

Azam

2

Hi @azam please create the task. We do not have it for now.

3

Hi Slava,

Thanks for your reply!
I have submitted the JIRA ticket just now: [K8SPXC-1332] Ability to load custom SSL certificates for S3 backups - Percona JIRA

Kind regards,

Azam

4

ok, cool. Thanks for the task.