Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-538

Can't connect via SSL

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 3.1.11, 3.1.12
    • None
    • TLS/SSL
    • None
    • Server: Binary package mariadb-10.5.9-linux-systemd-x86_64 on Debian buster
      Client: Windows 10 mariadb-connector-c 3.1.12 / 3.1.11

    Description

      I have a serious problem to SSL connect the mariadb server instance.

      The server is a binary package mariadb-10.5.9-linux-systemd-x86_64 on Debian buster.
      The client is running on latest Windows 10 64 bit, mariadb-connector-c 3.1.12 / 3.1.11

      The according SSL certificates are standard, self-signed and generated after this manual:
      https://mariadb.com/kb/en/certificate-creation-with-openssl/ on the server.
      Verification of the client/server certs are fine.

      SSL connecting using Windows DBeaver (v21.0.1) works fine, DBeaver uses mariadb-connector-J internally. So it proofs, that server and the certs are fine.

      I compiled and tried the latest mariadb-connector-c (3.1.12) which gives the following error:
      SSL connection error: An unknown error occurred while processing the certificate. Error 0x80090327(SEC_E_CERT_UNKNOWN)
      Given are client-key.pem, client-cert.pem and ca-cert.pem. ca-folder and ciphers are null (unused).

      I tried the same with latest HeidiSQL which uses an older libmariadb.dll version (3.1.7). But same error here.

      So I suspect, there's a SSL problem, perhaps in using Schannel.
      The error code above gives:

      0x80090327
      This error translates to "An unknown error occurred while processing the certificate."
      This usually means that the server requires SSL client authentication and a new certificate is specified. Check the SSLStatus Event for details.

      Attachments

        1. ca-cert.pem
          1 kB
        2. client-cert.pem
          1 kB
        3. client-key.pem
          2 kB
        4. server-cert.pem
          1 kB
        5. server-key.pem
          2 kB

        Issue Links

          Activity

            People

              georg Georg Richter
              mpaland Marco Paland
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.