Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Incomplete
-
10.3(EOL)
-
Debian Buster
Description
Ich habe eine MariaDB Installation unter Debian Buster und komme mit der SSL VerschlĂĽsselung nicht weiter. Ich bin wie folgt vorgegangen:
*sudo apt install software-properties-common dirmngr
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/debian stretch main'
sudo apt update
sudo apt install mariadb-server-10.3 libmariadbclient18
sudo apt update
sudo apt upgrade*
nano /etc/mysql/my.cnf
bind-address = SERVER-IP
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
_[mysqld]
ssl
ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
ssl-cert=/etc/mysql/server_ecdsa.crt.pem
ssl-key=/etc/mysql/server_ecdsa.key.pem_
sudo nano /etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
_[mysql]
ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
ssl-cert=/etc/mysql/client_ecdsa.crt.pem
ssl-key=/etc/mysql/client_ecdsa.key.pem
ssl-verify-server-cert=on_
*sudo systemctl restart mysql
mysql -u root -p*
ERROR 2026 (HY000): SSL connection error: Validation of SSL server certificate failed
Wenn ich in der 50-mysql-clients.cnf die Zertifikate herausnehme kann ich mich anmelden.
sudo nano /etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
_[mysql]
#ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
#ssl-cert=/etc/mysql/client_ecdsa.crt.pem
#ssl-key=/etc/mysql/client_ecdsa.key.pem
ssl-verify-server-cert=on_
*sudo systemctl restart mysql
mysql -u root -p*
/s
SSL: Cipher in use is TLS_AES_256_GCM_SHA384
SHOW VARIABLES LIKE '%ssl%';
_have_openssl | YES
have_ssl | YES
version_ssl_library | OpenSSL 1.1.1c 28 May 2019 _
Ich hoffe mir kann hierbei jemand weiterhelfen.
Attachments
Issue Links
- relates to
-
-
- Closed
-
Hi,
can you please provide some more information:
openssl x509 -text -noout -in /etc/mysql/server_ecdsa.crt.pem