[MDEV-15856] mysql client receiving error: sslv3 alert unsupported certificate - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Not a Bug
Affects Version/s: 10.2.14
Fix Version/s: N/A
Component/s: Scripts & Clients, SSL
Labels:
- ssl

Description

A user is seeing the following error while trying to connect to MariaDB using SSL:

> mysql -h server1 -u dbuser -p --ssl-ca=/etc/my.cnf.d/certs/ca_chain.pem --ssl-cert=/etc/my.cnf.d/certs/server_cert.pem --ssl-key=/etc/my.cnf.d/certs/server_key.pem

Enter password:

ERROR 2026 (HY000): SSL connection error: sslv3 alert unsupported certificate

The certificates are able to be verified by OpenSSL:

> openssl verify -CAfile /etc/my.cnf.d/certs/ca_chain.pem /etc/my.cnf.d/certs/server_cert.pem

/etc/my.cnf.d/certs/server_cert.pem: OK

And the certificates also work with OpenSSL's s_client and s_server tools.

This is on RHEL 7.4 with the following packages:

openssl-libs-1.0.2k-8.el7.x86_64

openssl-1.0.2k-8.el7.x86_64

ssl_cipher is not set to anything.

The certificate uses a 2048 bit RSA key, and it also uses the "Subject Alternative Name" field.

Attachments

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Geoff Montee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018-04-12 19:49

Updated:: 2024-07-07 23:56

Resolved:: 2018-04-17 19:42

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.