Reputation: 1139
If someone can tell me what I'm doing wrong it'd be great.
If not, I'll settle for any other solution to the goal.
I need to remotely insert MySQL rows, and I want it to be secure. I'm writing it all in JRuby. Thanks, here's what I did so far.
I get a:
ERROR 2026 (HY000): SSL connection error
when I remotely try to access it with SSL:
mysql -h host -u ssl_test -p --ssl-ca=ca-cert.pem
I can connect remotely just fine to a user without require ssl. (mysql -h host -u user -p)
I can also connect to this user locally with:
mysql -h host -u ssl_test -p --ssl-ca=ca-cert.pem
The ca-cert.pem files are the same and the permissions for ssl_test are:
+------+----------+----------+
| Host | User     | ssl_type |
+------+----------+----------+
| %    | ssl_test | ANY      |
+------+----------+----------+
I generated the ca-cert and server-cert with:
openssl genrsa 2048 > ca-key.pem
openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem
openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem > server-req.pem
openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
straight out of http://dev.mysql.com/doc/mysql-security-excerpt/5.0/en/secure-create-certs.html
I also tried creating the client stuff for x509 but it returns the same error.
Upvotes: 0
Views: 1583
Reputation: 1139
I've finally figured it out, actually. Apparently my client (5.1.x) is not compatible with a 5.0.77 mysqld (yum install).
The only error message you get, however, is "SSL connection error".
I also only found this out by connecting remotely to an Ubuntu MySQL server.
I'm currently building a newer version of mysqld on my CentOS server.
Upvotes: 0
Reputation: 532
Did you use the same common name for the server certificate and client certificate? http://orensol.com/2010/06/21/error-2026-hy000-ssl-connection-error-the-solution/
One thing to check is if your client certificate and server certificate have the same common name. You’ve probably gone through the certificate generation procedure, and (like I did) just entered the same common name for both without noticing.
This is a nasty error message that doesn’t tell you anything, and there’s nothing in the error log to imply what went wrong. So remember – when generating your own certificates for a MySQL server, use different common names for client and server!
Upvotes: 3
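The common-name advice in the answer above, as an added example that is not part of the original posts: a bash script that issues CA, server and client certificates with explicit `-subj` values instead of interactive prompts, then checks that the CNs differ and that both certificates verify against the CA. It goes one step beyond the answer by also requiring the CA's common name to differ from the other two, which the MySQL documentation requires for OpenSSL builds; the function names and subject names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: issue CA, server and client certificates with explicit,
# distinct Common Names, then check the CNs and the chain before deploying.

# make_certs DIR CA_CN SERVER_CN CLIENT_CN  (hypothetical helper)
make_certs() {
    local dir="$1" ca_cn="$2" server_cn="$3" client_cn="$4"
    mkdir -p "$dir" || return 1
    openssl genrsa -out "$dir/ca-key.pem" 2048 2>/dev/null || return 1
    openssl req -new -x509 -nodes -days 1000 -key "$dir/ca-key.pem" \
        -subj "/CN=$ca_cn" -out "$dir/ca-cert.pem" || return 1
    local role cn serial=1
    for role in server client; do
        if [ "$role" = server ]; then cn="$server_cn"; else cn="$client_cn"; fi
        openssl req -newkey rsa:2048 -nodes -subj "/CN=$cn" \
            -keyout "$dir/$role-key.pem" -out "$dir/$role-req.pem" 2>/dev/null || return 1
        openssl x509 -req -in "$dir/$role-req.pem" -days 1000 \
            -CA "$dir/ca-cert.pem" -CAkey "$dir/ca-key.pem" \
            -set_serial "$serial" -out "$dir/$role-cert.pem" 2>/dev/null || return 1
        serial=$((serial + 1))
    done
}

# cert_cn FILE: print the subject Common Name of a PEM certificate
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= *//p'
}

# check_certs DIR: succeed only if the CA, server and client CNs are
# pairwise distinct and both issued certificates verify against the CA
check_certs() {
    local dir="$1" ca server client
    ca=$(cert_cn "$dir/ca-cert.pem")
    server=$(cert_cn "$dir/server-cert.pem")
    client=$(cert_cn "$dir/client-cert.pem")
    if [ -z "$ca" ] || [ "$ca" = "$server" ] || [ "$ca" = "$client" ] ||
       [ "$server" = "$client" ]; then
        echo "CN clash: ca='$ca' server='$server' client='$client'" >&2
        return 1
    fi
    openssl verify -CAfile "$dir/ca-cert.pem" \
        "$dir/server-cert.pem" "$dir/client-cert.pem" >/dev/null
}
```

Running `check_certs` against the directory holding the existing ca-cert.pem, server-cert.pem and client-cert.pem shows whether a CN clash is present without needing a MySQL connection.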