On Tue, 31 Oct 2023 17:45:47 -0400
Replication master:
Server version: 10.5.21-MariaDB-0+deb11u1-log Debian 11
Replication slave:
Server version: 10.5.21-MariaDB-0+deb11u1 Debian 11
When `require_secure_transport = on` is enabled on the master, I get:
maximum-retries: 86400 message: Access denied for user
'user'@'domain.com' (using password: YES)."
Could it be that you need to manually enable TLS on the replica using
CHANGE MASTER TO MASTER_SSL=1;
the path to the certificate authority and enabling verification is also
a good idea (otherwise it's possible for the ISP to MITM the connection
by posing as a MariaDB instance with a different host key).
The "Connections using insecure transport are prohibited" error message
only has been fixed in MariaDB 11.2; in 10.5.21 it would still be
Thank you, I had thought that TLS settings were taken from the [client-mariadb] block in the configuration file, but it seems that you have to specify the TLS settings in the CHANGE MASTER command.
It is working now with TLS.