Percona MySQL Operator for XtraDB clusters - Ability to use our own internal SSL certificates for MySQL S3 backups

Hi everyone,

We’re currently using the latest version of the Percona MySQL Operator for XtraDB clusters. Our MySQL clusters are being backed up to our own on-premises S3 storage environment, by using the S3 backup options in the operator. This is working well

Since our on-premises S3 storage environment is using our company-trusted internal SSL certificates, we have to use the option verifyTLS: false in order to connect to the backup storage (using HTTPS).

We would like to enhance the security of our database backup environment, by setting verifyTLS: true in our MySQL backup configuration. This reduces the risk of spoofing and man-in-the-middle attacks.

Is it possible to somehow add our company-trusted internal SSL certificates to the backup configuration, preferably by using the MySQL operator?

If this isn’t possible at the moment, should I create a JIRA ticket for the development team?

Thanks in advance!

Kind regards,

Azam

Hi @azam please create the task. We do not have it for now.

Hi Slava,

Thanks for your reply!
I have submitted the JIRA ticket just now: [K8SPXC-1332] Ability to load custom SSL certificates for S3 backups - Percona JIRA

Kind regards,

Azam

ok, cool. Thanks for the task.