MySQL Forums
Forum List  »  Replication

SSL Replication [Resolved]
Posted by: arnaud charlier
Date: August 31, 2007 04:23AM

Hello everybody,

I want to set up a mysql replication but it's dont work ... I need your help.

[command with ssl]

mysql> CHANGE MASTER TO MASTER_SSL=1, MASTER_SSL_CA='cacert.pem', MASTER_SSL_CAPATH='/usr/local/mysql/ssl/', MASTER_SSL_CERT='/usr/local/mysql/ssl/server-cert.pem', MASTER_SSL_KEY='/usr/local/mysql/ssl/server-key.pem';
Query OK, 0 rows affected (0.00 sec)
mysql> start slave;
Query OK, 0 rows affected (0.00 sec)
mysql> 070831 12:08:03 [Note] Slave SQL thread initialized, starting replication in log 'mysql-bin.000009' at position 98, relay log '/usr/local/mysql-5.0.45-linux-i686/data/sd-5247-relay-bin.000001' position: 4
070831 12:08:03 [ERROR] Slave I/O thread: error connecting to master 'abc@x.X.x.X:3306': Error: 'SSL connection error' errno: 2026 retry-time: 60 retries: 86400

[commans whitout ssl]

mysql> stop slave;
070831 12:08:21 [Note] Slave I/O thread killed while connecting to master
070831 12:08:21 [Note] Slave I/O thread exiting, read up to log 'mysql-bin.000009', position 98
070831 12:08:21 [Note] Error reading relay log event: slave SQL thread was killed
Query OK, 0 rows affected (0.00 sec)
mysql> CHANGE MASTER TO MASTER_SSL=0, MASTER_SSL_CA='cacert.pem', MASTER_SSL_CAPATH='/usr/local/mysql/ssl/', MASTER_SSL_CERT='/usr/local/mysql/ssl/server-cert.pem', MASTER_SSL_KEY='/usr/local/mysql/ssl/server-key.pem';
Query OK, 0 rows affected (0.00 sec)
mysql> start slave;
070831 12:08:35 [Note] Slave SQL thread initialized, starting replication in log 'mysql-bin.000009' at position 98, relay log '/usr/local/mysql-5.0.45-linux-i686/data/sd-5247-relay-bin.000001' position: 4
Query OK, 0 rows affected (0.00 sec)
mysql> 070831 12:08:35 [Note] Slave I/O thread: connected to master 'abc@x.X.x.X:3306', replication started in log 'mysql-bin.000009' at position 98

>> It's works fine without ssl :S

System : Ubuntu server (6.06_LTS)
Mysql Version : mysql-5.0.45-linux-i686 (pre-compiled)
SSL : 0.9.8a

my.cnf [master]
[client]
port = 3306
socket = /tmp/mysql.sock
ssl-ca=/usr/local/mysql/ssl/cacert.pem
ssl-cert=/usr/local/mysql/ssl/client-cert.pem
ssl-key=/usr/local/mysql/ssl/client-key.pem

[mysqld]
port = 3306
socket = /tmp/mysql.sock
skip-locking
key_buffer = 16M
max_allowed_packet = 1M
table_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M

ssl-ca=/usr/local/mysql/ssl/cacert.pem
ssl-cert=/usr/local/mysql/ssl/server-cert.pem
ssl-key=/usr/local/mysql/ssl/server-key.pem

log-error = /var/log/mysql/error.log
relay-log = /var/log//mysql/relay.log
relay-log-info-file = /var/log//mysql/relay-log.info
relay-log-index = /var/log//mysql/relay-log.index
log-bin = /var/log/mysql/mysql-bin.log
binlog-do-db = exampledb
server-id = 1


my.cnf [client]
[client]
port = 3306
socket = /tmp/mysql.sock
ssl-ca=/usr/local/mysql/ssl/cacert.pem
ssl-cert=/usr/local/mysql/ssl/client-cert.pem
ssl-key=/usr/local/mysql/ssl/client-key.pem

[mysqld]
port = 3306
socket = /tmp/mysql.sock
skip-locking
key_buffer = 16M
max_allowed_packet = 1M
table_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
ssl-ca=/usr/local/mysql/ssl/cacert.pem
ssl-cert=/usr/local/mysql/ssl/server-cert.pem
ssl-key=/usr/local/mysql/ssl/server-key.pem

log-bin=mysql-bin
server-id = 2
master-host = 88.191.36.126
master-user = abc
master-password = password
master-port = 3306
master-connect-retry = 60
replicate-do-db = exampledb



mysql> show master status;
+------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000007 | 2825 | exampledb | |
+------------------+----------+--------------+------------------+


mysql> SHOW SLAVE STATUS \G;
*************************** 1. row ***************************
Slave_IO_State:
Master_Host: x.X.x.X
Master_User: abc
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000007
Read_Master_Log_Pos: 2637
Relay_Log_File: sd-5247-relay-bin.000001
Relay_Log_Pos: 98
Relay_Master_Log_File: mysql-bin.000007
Slave_IO_Running: No
Slave_SQL_Running: No
Replicate_Do_DB: exampledb
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 2637
Relay_Log_Space: 98
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: Yes
Master_SSL_CA_File: cacert.pem
Master_SSL_CA_Path: /usr/local/mysql/ssl/
Master_SSL_Cert: /usr/local/mysql/ssl/client-cert.pem
Master_SSL_Cipher:
Master_SSL_Key: /usr/local/mysql/ssl/client-key.pem
Seconds_Behind_Master: NULL
1 row in set (0.00 sec)

ERROR:
No query specified

[SSL Folder]
drwxr-xr-x 16 root mysql 4,0K 2007-08-31 11:23 ..
-rwxr-xr-x 1 mysql mysql 1,3K 2007-08-30 11:20 cacert.pem
-rwxr-xr-x 1 mysql mysql 3,3K 2007-08-30 11:20 client-cert.pem
-rwxr-xr-x 1 mysql mysql 887 2007-08-30 11:20 client-key.pem
-rwxr-xr-x 1 mysql mysql 745 2007-08-30 11:20 client-req.pem
-rwxr-xr-x 1 mysql mysql 250 2007-08-30 11:20 index.txt
-rwxr-xr-x 1 mysql mysql 20 2007-08-30 11:20 index.txt.attr
-rwxr-xr-x 1 mysql mysql 21 2007-08-30 11:20 index.txt.attr.old
-rwxr-xr-x 1 mysql mysql 125 2007-08-30 11:20 index.txt.old
-rwxr-xr-x 1 mysql mysql 176 2007-08-30 11:20 my.cnf
drwxr-xr-x 2 mysql mysql 4,0K 2007-08-30 11:20 newcerts
-rwxr-xr-x 1 mysql mysql 9,2K 2007-08-30 11:20 openssl.cnf
drwxr-xr-x 2 mysql mysql 4,0K 2007-08-30 11:20 private
-rwxrwxrwx 1 mysql mysql 3 2007-08-30 11:20 serial
-rwxrwxrwx 1 mysql mysql 3 2007-08-30 11:20 serial.old
-rwxrwxrwx 1 mysql mysql 3,3K 2007-08-30 11:20 server-cert.pem
-rwxrwxrwx 1 mysql mysql 887 2007-08-30 11:20 server-key.pem
-rwxrwxrwx 1 mysql mysql 745 2007-08-30 11:20 server-req.pem

mysql> SHOW PROCESSLIST;
+----+-------------+-----------+-----------+---------+------+-----------------------------------------------------------------------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+-------------+-----------+-----------+---------+------+-----------------------------------------------------------------------+------------------+
| 30 | root | localhost | exampledb | Query | 0 | NULL | SHOW PROCESSLIST |
| 31 | system user | | NULL | Connect | 66 | Connecting to master | NULL |
| 32 | system user | | NULL | Connect | 66 | Has read all relay log; waiting for the slave I/O thread to update it | NULL |
+----+-------------+-----------+-----------+---------+------+-----------------------------------------------------------------------+------------------+
3 rows in set (0.00 sec)

mysql> SHOW PROCESSLIST;
+----+------------+--------------------------+-----------+-------------+------+----------------------------------------------------------------+------------------+
| Id | User | Host | db |Command|Time|State | Info |
+----+------------+--------------------------+-----------+-------------+------+----------------------------------------------------------------+------------------+
| 3 | abc | sd-5247.dedibox.fr:42241 | NULL | Binlog Dump | 1912 | Has sent all binlog to slave; waiting for binlog to be updated | NULL |
| 4 | root | localhost | exampledb | Query | 0 | NULL | SHOW PROCESSLIST
+----+------------+--------------------------+-----------+-------------+------+----------------------------------------------------------------+------------------+
2 rows in set (0.00 sec)

I don't know where is the problem ...
If someone can help me, that was greet !!!
Thanks



Edited 4 time(s). Last edit at 09/04/2007 03:23AM by arnaud charlier.

Options: ReplyQuote


Subject
Views
Written By
Posted
SSL Replication [Resolved]
9515
August 31, 2007 04:23AM
4038
September 03, 2007 02:58AM
5385
September 04, 2007 03:27AM
3282
April 21, 2008 05:22PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.