MySQL Forums
Forum List  »  Replication

SSL error: Unable to get certificate from '/etc/mysql/newcerts/client-cert.pem'
Posted by: mandm zoom
Date: November 07, 2010 12:24PM

Hi I am trying to configure a SSL based replication between my master and slave and i think i have setup everything correctly
but i still keep getting the error in my mysql.log
SSL error: Unable to get certificate from '/etc/mysql/newcerts/client-cert.pem'
and the
show slave status is

mysql> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Connecting to master
Master_Host: masterIP
Master_User: slave_user
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000002
Read_Master_Log_Pos: 106
Relay_Log_File: ex-relay-bin.000001
Relay_Log_Pos: 4
Relay_Master_Log_File: mysql-bin.000002
Slave_IO_Running: No
Slave_SQL_Running: Yes
Replicate_Do_DB: exampledb
Last_Errno: 0
Skip_Counter: 0
Exec_Master_Log_Pos: 106
Relay_Log_Space: 106
Until_Condition: None
Until_Log_Pos: 0
Master_SSL_Allowed: Yes
Master_SSL_CA_File: /etc/mysql/newcerts/ca-cert.pem
Master_SSL_Cert: /etc/mysql/newcerts/client-cert.pem
Master_SSL_Key: /etc/mysql/newcerts/client-key.pem
Seconds_Behind_Master: NULL
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 2026
Last_IO_Error: error connecting to master '' - retry-time: 60 retries: 86400
Last_SQL_Errno: 0
1 row in set (0.00 sec)

How do i know what is going wrong with the configuration
the directory where the files are placed on the master is


$ ls -lrt
total 32
-rw-r--r-- 1 test test 1675 Nov 7 11:33 ca-key.pem
-rw-r--r-- 1 test test 1667 Nov 7 11:34 ca-cert.pem
-rw-r--r-- 1 test test 1062 Nov 7 11:41 server-req.pem
-rw-r--r-- 1 root root 1679 Nov 7 11:41 server-key.pem
-rw-r--r-- 1 test test 1306 Nov 7 11:41 server-cert.pem
-rw-r--r-- 1 test test 1062 Nov 7 12:30 client-req.pem
-rw-r--r-- 1 root root 1675 Nov 7 12:30 client-key.pem
-rw-r--r-- 1 test test 1306 Nov 7 12:57 client-cert.pem

please let me know what i am missing

Options: ReplyQuote

Written By
SSL error: Unable to get certificate from '/etc/mysql/newcerts/client-cert.pem'
November 07, 2010 12:24PM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.