Unable to SSL i
Posted by:
Var able
Date: September 10, 2021 10:54PM
Hello,
I am trying to enable ssl with following parameters in mysql config file.
ssl-ca = /etc/certs/ca.pem
ssl-cert = /etc/certs/server-cert.pem
ssl-key = /etc/certs/server-key.pem
After making above entries I had restarted mysql services but when I checked ssl status it is still disabled.
mysql> SHOW GLOBAL VARIABLES LIKE '%ssl%';
+-------------------------------------+-----------------------------+
| Variable_name | Value |
+-------------------------------------+-----------------------------+
| admin_ssl_ca | |
| admin_ssl_capath | |
| admin_ssl_cert | |
| admin_ssl_cipher | |
| admin_ssl_crl | |
| admin_ssl_crlpath | |
| admin_ssl_key | |
| have_openssl | DISABLED |
| have_ssl | DISABLED |
| mysqlx_ssl_ca | |
| mysqlx_ssl_capath | |
| mysqlx_ssl_cert | |
| mysqlx_ssl_cipher | |
| mysqlx_ssl_crl | |
| mysqlx_ssl_crlpath | |
| mysqlx_ssl_key | |
| performance_schema_show_processlist | OFF |
| ssl_ca | /etc/certs/ca.pem |
| ssl_capath | |
| ssl_cert | /etc/certs//server-cert.pem |
| ssl_cipher | |
| ssl_crl | |
| ssl_crlpath | |
| ssl_fips_mode | OFF |
| ssl_key | /etc/certs//server-key.pem |
+-------------------------------------+-----------------------------+
I even verified the permissions to mysql certs and looks fine
sudo -u mysql ls -lrt /etc/certs/server-cert.pem
-rwxr----- 1 mysql mysql 2358 Sep 11 03:17 /etc/certs/server-cert.pem
sudo -u mysql ls -lrt /etc/certs/server-key.pem
-rwxr----- 1 mysql mysql 3243 Sep 10 07:55 /etc/certs/server-key.pem
sudo -u mysql ls -lrt /etc/certs/ca.pem
-rwxr----- 1 mysql mysql 1911 Sep 11 03:22 /etc/certs/ca.pem
Am I missing anything in the steps followed , MySQL version is 8.0.25 Community.
Regards,
Var
Subject
Views
Written By
Posted
Unable to SSL i
872
September 10, 2021 10:54PM
452
September 11, 2021 04:27AM
992
September 11, 2021 07:24PM
809
September 13, 2021 01:50AM
535
September 14, 2021 10:30PM
457
September 15, 2021 01:23AM
Sorry, you can't reply to this topic. It has been closed.
This forum is currently read only. You can not log in or make any changes. This is a temporary situation.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.