Hi,
I have successfully configured my PMM Server to use SSL/TLS certificates. The setup is working correctly - I can view the certificate details in my browser (see attached screenshot).
Following the official documentation, I copied the ca.crt file to my PMM client, adjusted the file permissions, and installed the certificate system-wide as a trusted CA.
When I add a MySQL instance via HTTPS (port 443), the process appears to work without issues:
- The PMM dashboard shows no errors
pmm-admin statusdisplays connection information confirming HTTPS/port 443- All agents appear to be communicating successfully
However, in the PMM dashboard under Services/Agents, all MySQL services still show tls=false.
Questions:
- Why does the dashboard display
tls=falsewhen the actual communication is using HTTPS? - Is this a known display issue, or does it indicate that TLS is not actually being used for data transmission?
- Does the
tls=falseflag refer to the MySQL ↔ PMM Agent connection rather than the PMM PMM Agents ↔ PMM Server connection? Since MySQL also supports TLS connections, could this indicate that the database connection itself is not encrypted?
Configuration details:
- PMM Server: Docker container with custom SSL certificates
- PMM Client: Configured with system-wide CA trust
- Connection: Successfully established via HTTPS on port 443
Any insights would be greatly appreciated!
