SSL with CA issued certs - errors

NealC · May 13, 2014, 8:08am

Hi.

Release: percona-server-server-5.5 1:5.5.37-rel35.0-657.precise
Openssl: openssl 1.0.1-4ubuntu5.13

We’re setting up MySQL for eventual ODBC connections, security requirement is over SSL. This tests correctly with self-generated certs but switching to real ISP generated certs errors. Simplest we should be able to do is;

ssl-ca=/etc/mysql/certs/intermediate.pem - the CA’s interm cert
ssl-cert=/etc/mysql/certs/our_realcert.pem - our real signed cert
ssl-key=/etc/mysql/certs/our_realcert_key.pem - real certs key

The cert & key’s MD5 sums are both correct & the whole chain has been verified in an Apache setup
We’re testing correct connection with workbench initially , the real certs error with “SSL connection error: ASN: bad other signature confirmation” & self generated certs are OK.

Does anyone have experience of ‘real’ certs or can illuminate this error?

Thanks
Neal

NealC · May 15, 2014, 2:31am

Resolved, switching back to standard MySQL with the identical configuration works.
Can only assume an issue with percona-server-server-5.5 1:5.5.37-rel35.0-657.precise or the client

Topic		Replies	Views
SSL Connections with 5.5.33 Other MySQL® Questions	1	2985	October 16, 2013
SSL connection error : certificate verify failed, [Galera] Handshake failed Percona XtraDB Cluster 8.x	6	1694	August 12, 2022
SSL on Percona Mysql Other MySQL® Questions	3	1072	November 23, 2015
Handshake Failure with certificate validation failed Percona XtraDB Cluster 8.x mysql , percona	7	3225	May 10, 2022
Some authentication plugins will not work Other MySQL® Questions	0	2538	July 19, 2018

SSL with CA issued certs - errors

Related topics