SSL Connections with 5.5.33

lmargulin · October 14, 2013, 6:12pm

So I had replication with SSL working with a master and slave both at Percona version 5.5.29. The slave was upgraded to 5.5.33 and I was unable to create an SSL connection. This is the error I get when trying to connect with with the Mysql commandline tool:

ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation

While doing some Google searches, there appears there are some OpenSSL vs yaSSL issues between these version of Percona MySQL. So I upgraded the server to be 5.5.33, but I’m still getting the same error.

Can someone give me an idea on how to fix this. Do I need to regenerate the certificates/keys? I’d prefer a solution (if it exists) that doesn’t require me to restart the master since it’s a production server.

Any help would be appreciated.

niljoshi · October 16, 2013, 2:54am

Hi,

Are you giving full path of cert dir into SSL configuration in my.cnf / command-line? i.e /Users/.ssh/mysql-ssl-ca-cert.pem
I would also like you check this checklist [URL]https://rtg.in.ua/2013/02/27/mysql-ssl-checklist/[/URL]
It can be related to this [URL]MySQL Bugs: #67957: Client not able to connect to server which has a ssl-cert that is SHA256 too.
Thanks.

Topic		Replies	Views
SSL with CA issued certs - errors Other MySQL® Questions	1	693	May 15, 2014
Percona MySQL Master/Slave Replication breaking with SSL Other MySQL® Questions	0	619	October 16, 2015
MySQL 5.5 replication over SSL broken after upgrading OpenSSL, OS Other MySQL® Questions	0	503	January 31, 2019
Can't connect after upgrade to openssl-1.0.1e-30.el6.9 Percona XtraDB Cluster 5.x	1	892	July 15, 2015
SSL on Percona Mysql Other MySQL® Questions	3	1072	November 23, 2015

SSL Connections with 5.5.33

Related topics