SSL on Percona Mysql

Hello Team,

I having issue connecting MySQL over SSL and I am getting below error.
Can someone assist ?

[root@crm-app mysql-ssl]# mysql --ssl-ca=/etc/mysql-ssl/ca-cert.pem --ssl-cert=/etc/mysql-ssl/client-cert.pem --ssl-key=/etc/mysql-ssl/client-key.pem -uecuser_appusr -p
Enter password:
ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)
[root@crm-app mysql-ssl]#

NOTE: (Master) and crm-app is a client.

[root@crm-app ~]# cat /etc/my.cnf
You have new mail in /var/spool/mail/root
[root@crm-app ~]#
[root@crm-app ~]#
[root@crm-app ~]#
[root@crm-app ~]# cd /etc/mysql-ssl/
[root@crm-app mysql-ssl]# ll -sh
total 16K
4.0K -rw-r–r-- 1 root root 1.2K Nov 4 23:33 ca-cert.pem
4.0K -rw-r–r-- 1 root root 1.3K Nov 4 23:23 ca-cert.pem.s
4.0K -rw-r–r-- 1 root root 1.2K Nov 4 23:23 client-cert.pem
4.0K -rw-r–r-- 1 root root 1.7K Nov 4 23:24 client-key.pem
0 -rw-r–r-- 1 root root 0 Nov 4 23:20 server-cert.pem
[root@crm-app mysql-ssl]#


Kunal Modi

If you have latest OpenSSL version installed you need to upgrade to at least 5.5.45 or 5.6.26 which has a fix for the bug [url]MySQL Bugs: #77275: Newest RHEL/CentOS openssl update breaks mysql DHE ciphers

Second, make sure the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate.

Follow this link to create SSL certificates/keys [url][/url]

Thanks for your suggestion.

I have tired upgrading Percona server to latest 5.6.27 but issue persist.
Not sure where is actual issue.

Same certificate is working for other servers which are not percona mysql server ( So I dont think issue Common Name value )

Do we have any other suggestion.

Kunal Modi

Hello Team

Can someone please assist.
It will be of great help.

Kunal Modi