Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-15856

mysql client receiving error: sslv3 alert unsupported certificate

    XMLWordPrintable

    Details

      Description

      A user is seeing the following error while trying to connect to MariaDB using SSL:

      > mysql -h server1 -u dbuser -p --ssl-ca=/etc/my.cnf.d/certs/ca_chain.pem --ssl-cert=/etc/my.cnf.d/certs/server_cert.pem --ssl-key=/etc/my.cnf.d/certs/server_key.pem
      Enter password:
      ERROR 2026 (HY000): SSL connection error: sslv3 alert unsupported certificate
      

      The certificates are able to be verified by OpenSSL:

      > openssl verify -CAfile /etc/my.cnf.d/certs/ca_chain.pem /etc/my.cnf.d/certs/server_cert.pem
      /etc/my.cnf.d/certs/server_cert.pem: OK
      

      And the certificates also work with OpenSSL's s_client and s_server tools.

      This is on RHEL 7.4 with the following packages:

      openssl-libs-1.0.2k-8.el7.x86_64
      openssl-1.0.2k-8.el7.x86_64
      

      ssl_cipher is not set to anything.

      The certificate uses a 2048 bit RSA key, and it also uses the "Subject Alternative Name" field.

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            GeoffMontee Geoff Montee
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: