I'm trying to get MySQL working with SSL.
My first two pitfalls were 1) MySQL doesn't work with certificates that use a SHA256 hash, so I hade to generate a new (snakeoil) certificate & key, and 2) apparmor blocking access to the files.
Now, mysqld loads the certificate and keys without logging any error to the error.log.
However, I still can't succesfully use SSL from the client:
# mysql --ssl -hX.X.X.X -uuser -p db
Reading table information for completion of table and column names
mysql Ver 14.14 Distrib 5.5.35, for debian-linux-gnu (x86_64) using readline 6.2
Connection id: 42
Current database: drupal
Current user: user@X.X.X.X
SSL: Not in use <======================
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.5.35-0ubuntu0.13.10.2-log (Ubuntu)
Protocol version: 10
Connection: X.X.X.X via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
TCP port: 3306
Any ideas how to debug this would be appreciated. Both mysql and mysqld are not giving any feedback as to why SSL is not working. Also, the client just downgrades to use non-SSL without any warning, pretty dangerous.
Thanks in advance,