Not the answer you need?
Register and ask your own question!

SSL with CA issued certs - errors

NealCNealC EntrantInactive User Role Beginner
Hi.

Release: percona-server-server-5.5 1:5.5.37-rel35.0-657.precise
Openssl: openssl 1.0.1-4ubuntu5.13

We're setting up MySQL for eventual ODBC connections, security requirement is over SSL. This tests correctly with self-generated certs but switching to real ISP generated certs errors. Simplest we should be able to do is;

ssl-ca=/etc/mysql/certs/intermediate.pem - the CA's interm cert
ssl-cert=/etc/mysql/certs/our_realcert.pem - our real signed cert
ssl-key=/etc/mysql/certs/our_realcert_key.pem - real certs key

The cert & key's MD5 sums are both correct & the whole chain has been verified in an Apache setup
We're testing correct connection with workbench initially , the real certs error with "SSL connection error: ASN: bad other signature confirmation" & self generated certs are OK.

Does anyone have experience of 'real' certs or can illuminate this error?

Thanks
Neal

Comments

  • NealCNealC Entrant Inactive User Role Beginner
    Resolved, switching back to standard MySQL with the identical configuration works.
    Can only assume an issue with percona-server-server-5.5 1:5.5.37-rel35.0-657.precise or the client
Sign In or Register to comment.

MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright ©2005 - 2020 Percona LLC. All rights reserved.