frappe / frappe

Low code web framework for real world applications, in Python and Javascript
https://frappeframework.com
MIT License

feat(database): Support One-Way TLS for MariaDB #23929

Open sunxiaoguang opened 10 months ago

sunxiaoguang commented 10 months ago

Is your feature request related to a problem? Please describe.

The existing TLS feature enforces Two-Way TLS, which offers the strongest security. However, there are situations when we only want to enable One-Way TLS to encrypt data in transit.

Describe the solution you'd like

When users specify only db_ssl_ca in the configuration, without db_ssl_cert and db_ssl_key, turn on One-Way TLS.

Describe alternatives you've considered

A clear and concise description of any alternative solutions or features you've considered. Adding a separate flag to specify One-Way TLS is possible. However, that makes the configuration file more complicated for end users and doesn't bring much benefit. I personally prefer making db_ssl_cert and db_ssl_key optional for this scenario.

Additional context

NA
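The selection rule requested above, sketched as an added example; it is not Frappe's code or the code of the linked PR. The function name `resolve_db_tls`, the `TLSMode` enum and the file paths are hypothetical; only the config keys `db_ssl_ca`, `db_ssl_cert` and `db_ssl_key` come from the issue. It also rejects half-configured client credentials so a typo cannot silently downgrade the connection.

```python
from enum import Enum


class TLSMode(Enum):
    NONE = "none"        # no TLS keys configured
    ONE_WAY = "one-way"  # client verifies the server against the CA only
    TWO_WAY = "two-way"  # client also presents its own certificate


def resolve_db_tls(conf):
    """Return (mode, ssl_params) for a site config dict (hypothetical helper).

    ssl_params uses the ca/cert/key names of mysql_ssl_set(); how it is
    handed to a particular database driver is left to the caller.
    """
    ca = conf.get("db_ssl_ca")
    cert = conf.get("db_ssl_cert")
    key = conf.get("db_ssl_key")

    # A client certificate and its private key are only usable as a pair.
    if bool(cert) != bool(key):
        raise ValueError("db_ssl_cert and db_ssl_key must be set together")
    # Without a CA the server certificate cannot be verified, so refuse
    # instead of connecting with an unauthenticated server.
    if cert and not ca:
        raise ValueError("db_ssl_ca is required when a client cert is set")

    if not ca:
        return TLSMode.NONE, None
    if cert:
        return TLSMode.TWO_WAY, {"ca": ca, "cert": cert, "key": key}
    # CA only: encrypt in transit and verify the server, no client cert.
    return TLSMode.ONE_WAY, {"ca": ca}


if __name__ == "__main__":
    # Constructed sample configs; the paths are placeholders.
    samples = [
        {"db_ssl_ca": "/etc/ssl/db-ca.pem"},
        {"db_ssl_ca": "/etc/ssl/db-ca.pem",
         "db_ssl_cert": "/etc/ssl/client.pem",
         "db_ssl_key": "/etc/ssl/client.key"},
        {},
    ]
    for conf in samples:
        mode, params = resolve_db_tls(conf)
        print(mode.value, params)
```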

imbraintl commented 10 months ago

I have not tested, but I think this is available under the sales invoice.

sunxiaoguang commented 10 months ago

Hello @ankush, sorry for disturbing you in this way. I saw you have made lots of contributions to database-related modules and also helped me merge a couple of PRs related to the database. Could you please take a look at this feature request as well as the PR and possibly leave some feedback? It's pretty simple, basically just making it possible to use one-way TLS for encrypt-in-transit purposes. Thanks.

fmarslan commented 3 months ago

What is the last state? Do you know if there is a plan?