Hi!
From MariaDB 10.5.2, the require_secure_transport system variable is available. When set (by default it is off), connections attempted using insecure transport will be rejected. Secure transports are SSL/TLS, Unix sockets or named pipes. Note that requirements set for specific user accounts will take precedence over this setting.
See <https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls>
Maybe you enabled TLS server side at the same time, but I’d guess that wasn’t the issue. I believe the issue is that you made it mandatory. Postfix is configured not to use TLS, so it opens a plain connection, and gets rejected (Access denied for user…) because of this setting.
Essentially, you need to make TLS optional or tell Postfix to use it using a MariaDB client option file.
Regards, -- Étienne Miret https://etienne.miret.io/
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
