Announcement

Announcement Module
Collapse
No announcement yet.

SSL with CA issued certs - errors

Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • SSL with CA issued certs - errors

    Hi.

    Release: percona-server-server-5.5 1:5.5.37-rel35.0-657.precise
    Openssl: openssl 1.0.1-4ubuntu5.13

    We're setting up MySQL for eventual ODBC connections, security requirement is over SSL. This tests correctly with self-generated certs but switching to real ISP generated certs errors. Simplest we should be able to do is;

    ssl-ca=/etc/mysql/certs/intermediate.pem - the CA's interm cert
    ssl-cert=/etc/mysql/certs/our_realcert.pem - our real signed cert
    ssl-key=/etc/mysql/certs/our_realcert_key.pem - real certs key

    The cert & key's MD5 sums are both correct & the whole chain has been verified in an Apache setup
    We're testing correct connection with workbench initially , the real certs error with "SSL connection error: ASN: bad other signature confirmation" & self generated certs are OK.

    Does anyone have experience of 'real' certs or can illuminate this error?

    Thanks
    Neal

  • #2
    Resolved, switching back to standard MySQL with the identical configuration works.
    Can only assume an issue with percona-server-server-5.5 1:5.5.37-rel35.0-657.precise or the client

    Comment

    Working...
    X