From a676208afe0a9d58529bcd34ad906e3014fa16a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E6=A0=A1?= Date: Wed, 2 Sep 2020 19:23:57 +0800 Subject: [PATCH] cherry pick #3801 to release-4.0 Signed-off-by: ti-srebot --- enable-tls-between-clients-and-servers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enable-tls-between-clients-and-servers.md b/enable-tls-between-clients-and-servers.md index 9e83d7ee300b1..705495753da68 100644 --- a/enable-tls-between-clients-and-servers.md +++ b/enable-tls-between-clients-and-servers.md @@ -107,7 +107,7 @@ If the `ssl-ca` parameter is not specified in the TiDB server or MySQL client, t - To perform mutual authentication, meet both of the above requirements. -By default, the server-to-client authentication is optional. Even if the client does not present its certificate of identification during the TLS handshake, the TLS connection can be still established. You can also require the client to be authenticated by specifying `require 509` when creating a user (`create user`), granting permissions (`grant`), or modifying an existing user (`alter user`). The following is an example of creating a user: +By default, the server-to-client authentication is optional. Even if the client does not present its certificate of identification during the TLS handshake, the TLS connection can be still established. You can also require the client to be authenticated by specifying `require x509` when creating a user (`create user`), granting permissions (`grant`), or modifying an existing user (`alter user`). The following is an example of creating a user: {{< copyable "sql" >}}