MySQL Forums
Forum List  »  Security

Advanced Search
New Topic

ssl-cert and ssl-key options don't work
Posted by: Jennifer Marienfeld
Date: May 11, 2010 06:38AM

Hello,

I use the new MySQL Community Server Version 5.1.46 on Windows 7 - 32bit.
Everything is fine until I try to use SSL.

I have added a windows service for the mysql server and changed the my.ini file.
I added the following lines under the mysqld - section:

[mysqld]
#*** SSL specific options ***#
ssl-ca=myCaCert.pem
ssl-cert=myServerCert.pem
ssl-key=myServerKey.pem

My cert- and key- files are in the bin directory of the mysql server directory.
I have removed the pin from the keyfile for testing, but nothing happens. I always get the following warnings and one error on start up: 

100511 14:18:50 [Note] Plugin 'FEDERATED' is disabled.
100511 14:18:51  InnoDB: Started; log sequence number 0 50629
SSL error: Unable to get certificate from 'myServerCert.pem'
100511 14:18:51 [Warning] Failed to setup SSL
100511 14:18:51 [Warning] SSL error: Unable to get certificate
100511 14:18:51 [Note] Event Scheduler: Loaded 0 events
100511 14:18:51 [Note] c:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld: ready for connections.
Version: '5.1.46-community'  socket: ''  port: 3306  MySQL Community Server (GPL)


mysql> show variables like '%ssl%';
+---------------+------------------+
| Variable_name | Value            |
+---------------+------------------+
| have_openssl  | DISABLED         |
| have_ssl      | DISABLED         |
| ssl_ca        | myCaCert.pem     |
| ssl_capath    |                  |
| ssl_cert      | myServerCert.pem |
| ssl_cipher    |                  |
| ssl_key       | myServerKey.pem  |
+---------------+------------------+
7 rows in set (0.00 sec)


When I use the the ini file as follow:
[mysqld]
#*** SSL specific options ***#
ssl-ca=myCaCert.pem
#ssl-cert=myServerCert.pem
#ssl-key=myServerKey.pem

everything is fine and the server starts without warnings and the "have_openssl" variable is set to YES. Otherwise it is "DISABLED". 

100511 14:46:02 [Note] Plugin 'FEDERATED' is disabled.
100511 14:46:02  InnoDB: Started; log sequence number 0 50629
100511 14:46:03 [Note] Event Scheduler: Loaded 0 events
100511 14:46:03 [Note] c:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld: ready for connections.
Version: '5.1.46-community'  socket: ''  port: 3306  MySQL Community Server (GPL)


mysql> show variables like '%ssl%';
+---------------+--------------+
| Variable_name | Value        |
+---------------+--------------+
| have_openssl  | YES          |
| have_ssl      | YES          |
| ssl_ca        | myCaCert.pem |
| ssl_capath    |              |
| ssl_cert      |              |
| ssl_cipher    |              |
| ssl_key       |              |
+---------------+--------------+
7 rows in set (0.00 sec)

What do I wrong? Is it bug? Are my certificates not valid?
I really don't know what could be wrong...

Thanks for your help.
Jennifer

Navigate: Previous MessageNext Message
Options: ReplyQuote


Subject
Views
Written By
Posted
ssl-cert and ssl-key options don't work
7287
Jennifer Marienfeld
May 11, 2010 06:38AM
Re: ssl-cert and ssl-key options don't work
3281
Jennifer Marienfeld
May 11, 2010 08:11AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.