Pt-archiver to "Azure Database for MySQL servers" does not work if SSL is enabled

slash · December 16, 2020, 10:35am

After enabling SSL mode on MySQL Azure PaaS the connection fails with the following error:

DBI connect(‘test_percona;mysql_read_default_file=/root/PERCONA/ssl-ptachiver.conf;host=db********.mysql.database.azure.com;mysql_read_default_group=client’,‘userbackup@db********.mysql.database.azure.com’,…) failed: SSL connection error: Client is not configured to use SSL at ./pt-archiver line 2525.

I tried to configure the Azure CA certificate in my.cnf of the client, but I have the same error:

[client]

ssl = 1

ssl-mode = REQUIRED

user=userbackup

mysql_ssl=1

mysql_ssl_ca_file=/root/PERCONA/DigiCertGlobalRootG2.crt.pem

I can’t understand where I’m wrong, Thanks for the help…

matthewb · January 21, 2021, 9:25pm

You need to specify the CA, Client Key, and Client Certificate in most cases.
Also, the parameters are ‘ssl_cert’, ‘ssl_key’, and ‘ssl_ca’
Check out this blog post too Percona Toolkit for MySQL with MySQL-SSL Connections

Topic		Replies	Views
Pt-archiver to “Azure Database for MySQL servers” failed: SSL connection is required. Please specify SSL options and retry Other MySQL® Questions	3	1657	March 12, 2021
SSL Encryption(client->server) Percona XtraDB Cluster 8.x mysql , percona	2	600	July 6, 2021
Failed to set up SSL because of the following SSL library error: SSL_CTX_new failed Percona XtraDB Cluster 5.x mysql , closed-no-reply	0	2122	April 16, 2021
ProxySQL Backend SSL Connection Error ProxySQL	5	1727	July 12, 2022
SSL connection error : certificate verify failed, [Galera] Handshake failed Percona XtraDB Cluster 8.x	6	1696	August 12, 2022

Pt-archiver to "Azure Database for MySQL servers" does not work if SSL is enabled

Related topics