Hi Daniel, Have you considered using AUTH_SWITCH_REQUEST for that purpose? That would allow redirect to happen after switch to TLS and client/server certificate validation.
Server: server hello packet Client: switches to tls, sends client hello packet Server: sends authentication switch request, plugin name: "client_connect_redirect_plugin", plugin data: a string with new connection url Server closes connection ( or: client sends redirect confirmation auth plugin response message, server sends err packet and closes connection ) Clients that do not support redirect would show error message similar to "server wants client_connect_redirect_plugin authentication that this client does not allow". Andrey _______________________________________________ developers mailing list -- developers@lists.mariadb.org To unsubscribe send an email to developers-le...@lists.mariadb.org
