MySQL Forums
Forum List  »  Replication

OpenSSL + Replication - broken?
Posted by: Gareth -
Date: August 16, 2012 11:33AM

Hello,

Does anyone know if there is a problem with OpenSSL and MySQL replication? (Or if not, where I might be going wrong?)

CentOS 6.2, OpenSSL v1.0.0, MySQL v5.1.63
Ubuntu 12.04, OpenSSL v1.0.1, MySQL v 5.5.24

I'm trying to set up replication over SSL (between servers provided by different hosting companies) and keep getting error 2026.

Interestingly (I think) it seems that SSL on the master is initially disabled until you add "RSA" between "BEGIN" and "PRIVATE", and "END" and "PRIVATE", respectively in the server key. Comment-out the ssl-cert line in my.cnf and it will start with SSL enabled but obviously won't connect as one of the creditials is missing anyway.

I have found several oldish bug reports, with various people reporting they could and couldn't replicate the problem - a number of sites offering similar instructions/tutorials so it seems to have worked at some point!

I followed:

http://www.howtoforge.com/how-to-set-up-mysql-database-replication-with-ssl-encryption-on-centos-5.4

and

http://www.howtoforge.com/how-to-set-up-mysql-database-replication-with-ssl-encryption-on-ubuntu-9.10

(including the note about the Apparmor problem in Ub12.04 - I even removed it and restarted but it made no difference)

I have tried to do it between two CentOS 6.2 servers, two Ubuntu 12.04 servers and (originally) a Centos master with an Ubuntu slave - no joy in any case.

Any advice much appreciated.

Thanks
Gareth

edit - saw http://dev.mysql.com/doc/refman/5.0/en/replication-solutions-ssl.html too of course :)



Edited 2 time(s). Last edit at 08/16/2012 11:39AM by Gareth -.

Options: ReplyQuote


Subject
Views
Written By
Posted
OpenSSL + Replication - broken?
1903
August 16, 2012 11:33AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.