Got [Galera] Handshake failed: tlsv1 alert decrypt error when replacing SSL cert

irwanseptian · September 28, 2023, 7:03am

Hi everyone,

I got issue when i’m trying to replace the old certificate with the new certificate. The certificate that I created are self signed certificates, I’m following this guideline Encrypt PXC traffic - Percona XtraDB Cluster to replace the certs.

The cluster consist of 3 nodes, and the first node already uses the merge certificate and it successfully restarted and running, but whenever I try to replace the certs on the second node somehow it throws [Galera] Handshake failed: tlsv1 alert decrypt error. Do I miss something important?

irwanseptian · October 2, 2023, 12:50pm

nvm, I already solved this issue. I solved this issue by creating the new SSL certificate with the same CA key, previously i’ve created the SSL cert with new CA key. My bad.

Topic		Replies	Views
Handshake failed: certificate verify failed: unsuitable certificate purpose Percona XtraDB Cluster 8.x	1	7	November 11, 2024
Handshake Failure with certificate validation failed Percona XtraDB Cluster 8.x mysql , percona	7	3225	May 10, 2022
Kubernetes - [Galera] Handshake failed due to unknown CA Percona Server for MySQL 8.0 kubernetes	3	834	August 19, 2024
SSL Error messages in Cluster Host Percona XtraDB Cluster 5.x	1	989	July 6, 2021
PXC DB 8.0 Crash Percona XtraDB Cluster 8.x	1	447	November 20, 2023

Got [Galera] Handshake failed: tlsv1 alert decrypt error when replacing SSL cert

Related topics