MySQL Forums
Forum List  »  Security

SSL doesn't verify keys / certificates?
Posted by: lukas pekara
Date: July 04, 2007 05:28AM

Hi, situation:

################
# mysql server #
################
- version 5.0.41 with SSL support
- tried either on linux either on windows
my.ini / my.cnf:
[mysqld]
port=3306
ssl-ca = "c:/newcerts/ca-cert.pem"
ssl-capath = "c:/newcerts/newcerts/"
ssl-cert = "c:/newcerts/server-cert.pem"
ssl-key = "c:/newcerts/server-key.pem"
ssl-cipher = ALL

mysql> SHOW VARIABLES LIKE 'have_openssl';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_openssl | YES |
+---------------+-------+
1 row in set (0.13 sec)

mysql> GRANT ALL PRIVILEGES ON *.* TO 'alfa'@'10.0.0.2' IDENTIFIED BY 'beta' REQUIRE SSL

################
# mysql client #
################
- tried either on linux either on windows
shell> mysql -u alfa -p -h 10.0.0.3 --ssl-key=asdf
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.0.41-community-nt MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>


could anybody tell me, why it is possible to connect to mysql server with nonsence key which even doesn't exists?
what I am doing wrong?

the same with application using mysql++, where keys in mysql_ssl_set don't have to be correct :-(

thanks for help in advacne..

Options: ReplyQuote


Subject
Views
Written By
Posted
SSL doesn't verify keys / certificates?
4257
July 04, 2007 05:28AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.