Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-20404

Validation of SSL server certificate failed

    XMLWordPrintable

    Details

      Description

      Ich habe eine MariaDB Installation unter Debian Buster und komme mit der SSL VerschlĂĽsselung nicht weiter. Ich bin wie folgt vorgegangen:

      *sudo apt install software-properties-common dirmngr
      sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
      sudo add-apt-repository 'deb [arch=amd64] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/debian stretch main'
      sudo apt update
      sudo apt install mariadb-server-10.3 libmariadbclient18
      sudo apt update
      sudo apt upgrade*

      nano /etc/mysql/my.cnf
      bind-address = SERVER-IP

      sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
      _[mysqld]
      ssl
      ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
      ssl-cert=/etc/mysql/server_ecdsa.crt.pem
      ssl-key=/etc/mysql/server_ecdsa.key.pem_

      sudo nano /etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
      _[mysql]
      ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
      ssl-cert=/etc/mysql/client_ecdsa.crt.pem
      ssl-key=/etc/mysql/client_ecdsa.key.pem
      ssl-verify-server-cert=on_

      *sudo systemctl restart mysql
      mysql -u root -p*
      ERROR 2026 (HY000): SSL connection error: Validation of SSL server certificate failed

      Wenn ich in der 50-mysql-clients.cnf die Zertifikate herausnehme kann ich mich anmelden.

      sudo nano /etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
      _[mysql]
      #ssl-ca=/etc/mysql/ca_ecdsa.crt.pem
      #ssl-cert=/etc/mysql/client_ecdsa.crt.pem
      #ssl-key=/etc/mysql/client_ecdsa.key.pem
      ssl-verify-server-cert=on_

      *sudo systemctl restart mysql
      mysql -u root -p*
      /s
      SSL: Cipher in use is TLS_AES_256_GCM_SHA384
      SHOW VARIABLES LIKE '%ssl%';
      _have_openssl | YES
      have_ssl | YES
      version_ssl_library | OpenSSL 1.1.1c 28 May 2019 _

      Ich hoffe mir kann hierbei jemand weiterhelfen.

        Attachments

          Activity

            People

            Assignee:
            georg Georg Richter
            Reporter:
            e.ms e.ms
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated: