1760
MySQLWARNINGNotableReplicationHIGH confidence
CHANGE MASTER TO without SSL is insecure
Production Risk
High — replication credentials exposed.
What this means
CHANGE MASTER TO was issued without specifying MASTER_SSL=1, meaning replication credentials and data will be transmitted in plaintext.
Why it happens
- 1CHANGE MASTER TO executed without SSL parameters.
- 2Master and replica not configured for encrypted replication.
How to reproduce
trigger — this will error
trigger — this will error
CHANGE MASTER TO MASTER_HOST='master', MASTER_USER='repl', MASTER_PASSWORD='secret'; -- no SSL
expected output
Warning (Code 1760): CHANGE MASTER TO executed without SSL options is insecure.
Fix
Add SSL parameters to CHANGE MASTER TO
Add SSL parameters to CHANGE MASTER TO
CHANGE MASTER TO MASTER_HOST='master', MASTER_USER='repl', MASTER_PASSWORD='secret', MASTER_SSL=1, MASTER_SSL_CA='/etc/mysql/ca.pem';
Why this works
Encrypts the replication channel, protecting credentials and binlog events.
What not to do
✕
Sources
Official documentation ↗
MySQL 8.0 — 1760 ER_INSECURE_CHANGE_MASTER
Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev