Cannot establish ssl connection
Posted by: Sebastien Boily
Date: April 21, 2016 04:57PM

Hello

I'm a beginner but I've made a Powershell script that uses the mysql connector/net and it works. But now I would like to move the connection to a ssl connection. I followed the steps to first make certificate files. I used a Linux host to generate the files, as explained on:
http://dev.mysql.com/doc/mysql-security-excerpt/5.0/en/creating-ssl-files-using-openssl.html
I had no cacert.pem file so I downloaded it there:
http://curl.haxx.se/ca/cacert.pem
I also created a client.pfx file from those files, since .NET requires it, as explained on:
https://dev.mysql.com/doc/connector-net/en/connector-net-tutorials-ssl.html

Finally I moved the certificate files on my Windows host with the working mysql server. I added those lines in my.ini:
[mysqld]
ssl-ca="C:\\Share\\OpenSSL\\cacert.pem"
ssl-cert="C:\\Share\\OpenSSL\\server-cert.pem"
ssl-key="C:\\Share\\OpenSSL\\server-key.pem"
(others ssl variables where empty)

I loaded mysqld with --log-error-verbosity=3 to catch everything that go wrong.
I used phpmyadmin in "variables" section to show ssl variables and to be sure that files are loaded and that SSL is active. Variables were set:
have ssl = yes
ssl ca = C:\Share\OpenSSL\cacert.pem
ssl cert = C:\Share\OpenSSL\server-cert.pem
ssl key = C:\Share\OpenSSL\server-key.pem

Then I created a user named ssluser with require_ssl on on it. Now, I do this in Powershell:

[void][System.Reflection.Assembly]::LoadWithPartialName("MySql.Data")
$connection = New-Object MySql.Data.MySqlClient.MySqlConnection
$connection.ConnectionString = "Server=localhost;Uid=me;Pwd=somepass;database=p4-projet;"

Then: $connection.open()
Which works good (connection state is open with no errors). But now when I try with ssl:

$connection.ConnectionString = "Server=localhost;Uid=ssluser;Pwd=somepass;database=p4-projet;CertificateFile=C:\Share\OpenSSL\client.pfx;CertificatePassword=pass;SslMode=Required"
"pass" is the password I used while making the pfx.

Then: $connection.open()
Gives this error:
---
Exception calling "Open" with "0" argument(s): "Received an unexpected EOF or 0 bytes from the transport stream."
At line:1 char:1
+ $connection.open()
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IOException
---

I searched and found the same error in different languages that use the same method. One mentionned that it could be the different hostname between the machine and the one in the certificate. I tried with my machine name but it still give the error. Could it be because I generated the files on Linux and using them on Windows? Or am I missing something in the parameters or in the mysql configuration? The error log doesn't show something about this, even with verbosity set to 3.

Options: ReplyQuote


Subject
Written By
Posted
Cannot establish ssl connection
April 21, 2016 04:57PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.