Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
3.1.11, 3.1.12
-
None
-
None
-
Server: Binary package mariadb-10.5.9-linux-systemd-x86_64 on Debian buster
Client: Windows 10 mariadb-connector-c 3.1.12 / 3.1.11
Description
I have a serious problem to SSL connect the mariadb server instance.
The server is a binary package mariadb-10.5.9-linux-systemd-x86_64 on Debian buster.
The client is running on latest Windows 10 64 bit, mariadb-connector-c 3.1.12 / 3.1.11
The according SSL certificates are standard, self-signed and generated after this manual:
https://mariadb.com/kb/en/certificate-creation-with-openssl/ on the server.
Verification of the client/server certs are fine.
SSL connecting using Windows DBeaver (v21.0.1) works fine, DBeaver uses mariadb-connector-J internally. So it proofs, that server and the certs are fine.
I compiled and tried the latest mariadb-connector-c (3.1.12) which gives the following error:
SSL connection error: An unknown error occurred while processing the certificate. Error 0x80090327(SEC_E_CERT_UNKNOWN)
Given are client-key.pem, client-cert.pem and ca-cert.pem. ca-folder and ciphers are null (unused).
I tried the same with latest HeidiSQL which uses an older libmariadb.dll version (3.1.7). But same error here.
So I suspect, there's a SSL problem, perhaps in using Schannel.
The error code above gives:
0x80090327
This error translates to "An unknown error occurred while processing the certificate."
This usually means that the server requires SSL client authentication and a new certificate is specified. Check the SSLStatus Event for details.
Attachments
Issue Links
- relates to
-
MDEV-25701 Two-way TLS does not work with WolfSSL and version1 certificates
- Confirmed