2

I want to set up ssl for mysql on Windows 2000 server. Without the certificate the ssl variables shows YES but after adding the certs it shows DISABLED. This is what I added in ini file.

ssl
ssl-ca=/etc/mysql/ca-cert.pem
ssl-cert=/etc/mysql/server-cert.pem
ssl-key=/etc/mysql/server-key.pem

In the log I have this warning : [Warning] SSL error: Unable to get certificate

R. Oosterholt
  • 7,720
  • 2
  • 53
  • 77
rahul doshi
  • 25
  • 1
  • 9
  • Have u Install Openssl ? If you do have u see this mysql doc [Creating SSL Certificates and Keys Using openssl](https://dev.mysql.com/doc/refman/5.6/en/creating-ssl-files-using-openssl.html) ,have you verify your certificates ? – Mr Rubix Mar 04 '16 at 16:53
  • Have you see this Question [How to enable SSL connection on MySQL server in Windows](http://stackoverflow.com/questions/3650073/how-to-enable-ssl-connection-on-mysql-server-in-windows) ? I Think @d-_-b answer will help you – Mr Rubix Mar 04 '16 at 17:04
  • @Mr Rubix - Yes I did install Openssl and in the mysql doc they mentioned what certificates mysql server needs but not location .so if we see the doc ssl-ca=ca-cert.pem ssl-cert=server-cert.pem ssl-key=server-key.pem but not their location like C:/..., – rahul doshi Mar 06 '16 at 04:06
  • Are you on Windows 2000 server ? [Shawn Hamzee Answer for certificate location](https://bytes.com/topic/mysql/answers/511136-mysql-ssl-windows) and [Bae Cheol Shin answer for .ini location](http://stackoverflow.com/questions/14597884/mysql-my-ini-location) – Mr Rubix Mar 07 '16 at 13:17
  • Yes I am on Windows 2000 server. And went through these links,still no success : ( – rahul doshi Mar 08 '16 at 06:58
  • Additional info..looking at the logs if found this [Warning] SSL error: Unable to get certificate ,Apparently it is unable to recieve the file because it does not have permissions?How do i give sql access to these files? – rahul doshi Mar 08 '16 at 10:09
  • Have you try with a password less certificate ? openssl rsa -in server-key.pem -out server-no-password-key.pem [SOURCE](https://www.linkedin.com/pulse/mysql-failed-setup-ssl-error-unable-get-private-key-vladislav-romanov) – Mr Rubix Mar 08 '16 at 13:19
  • don't close this post i will put a bounty on it to get more help from the SO community – Mr Rubix Mar 08 '16 at 13:20
  • Can you add every command you use to create these certificate ! – Mr Rubix Mar 08 '16 at 13:27
  • Before i add a bounty have you see these post !! [Enabling SSL in MySQL](http://askubuntu.com/questions/194074/enabling-ssl-in-mysql) and this one [SAME SOLUTION](http://forums.mysql.com/read.php?11,400856,401127#msg-401127) Both found on this [POST](http://serverfault.com/questions/451487/configured-mysql-for-ssl-but-ssl-is-still-disabled?newreg=9c653e392f6940019539ecac8fcb5e86) I think it might help you. Can you verify that you key have the good header and footer on your key please. Thanks – Mr Rubix Mar 08 '16 at 13:44
  • I solved this issue ...apparently in the path \server-cert it took \s as a space and it removes the slash and hence it was unable to locate the cert.I had one more query though...do i have to append server-cert and client-cert to ca-cert.pem?? Because inspite of slave having ssl access it is getting access denied – rahul doshi Mar 11 '16 at 05:32
  • Do you still have your second problem ? Please add an answer with what you have done to solve the first part of your problem ! – Mr Rubix Mar 15 '16 at 13:34

0 Answers0