Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Not a Bug
-
10.2.8
-
None
-
Linux 2.6.23
openSSL 1.0.1e
MariaDB 10.2.8
Description
Hi, pretty guys.
I want to improve our product environment security level, then I compiled MariaDB10.2.8 with openSSL1.0.1e. but when I use old yaSSL client connection server, it failed. But the openSSL compiled client is ok.
[my.cnf]
|
ssl-cert=/home/server-cert.pem
|
ssl-key=/home/server-key.pem
|
mysql> show global variables like '%ssl%'; |
+---------------------+--------------------------------------------+ |
| Variable_name | Value |
|
+---------------------+--------------------------------------------+ |
| have_openssl | YES |
|
| have_ssl | YES |
|
| ssl_ca | |
|
| ssl_capath | |
|
| ssl_cert | /home/server-cert.pem |
|
| ssl_cipher | |
|
| ssl_crl | |
|
| ssl_crlpath | |
|
| ssl_key | /home/server-key.pem | |
| version_ssl_library | OpenSSL 1.0.1e-fips 11 Feb 2013 |
|
+---------------------+--------------------------------------------+ |
when I used MariaDB10.2.8 openSSL compiled client to connect server, it successed:
$ /u01/jianwei.zhao/mariadb/bin/mysql -h127.0.0.1 -usu -P3306 --ssl-ca=/home/ca.pem -psu |
 |
MariaDB [(none)]> show status like '%ssl_version%'; |
+---------------+---------+ |
| Variable_name | Value |
|
+---------------+---------+ |
| Ssl_version | TLSv1.2 |
|
+---------------+---------+ |
1 row in set (0.00 sec) |
But when I used MySQL 5.6 , before client or yaSSL compiled mariaDB client to connect server, it all failed:
#mysql_5616/bin/mysql -h127.0.0.1 -usu -P3306 --ssl-ca=/home/ca.pem -psu
|
ERROR 2026 (HY000): SSL connection error: unknown error number
|
so, does it mean that MariaDB server compiled with openSSL is not compatible with old yaSSL client?