Type:
Priority:
Resolution:
Fixed
Affects Version/s:
N/A
With SSL changes targeted for 11.3, MariaBackup has become more complicated to run. If no certificates are provided to MariaBackup call, it fails to run both with and without --skip-ssl . It makes no difference whether the server is run with --skip-ssl or not, and whether the connection is made through TCP or socket. --disable-ssl-verify-server-cert helps in all cases (TCP or socket, server with skip-ssl or not).
If MariaBackup is called with certificates from MTR, the results are different, but also confusing. I cannot meaningfully summarize it.
--disable_abort_on_error
--echo #
--echo # Attempt 1: TCP, no special options
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup1 --port=$MASTER_MYPORT --protocol=tcp > $MYSQL_TMP_DIR/backup1.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup1.out
}
if ($err==0)
{
--echo # All good
}
--echo #
--echo # Attempt 2: TCP, skip-ssl
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup2 --port=$MASTER_MYPORT --protocol=tcp --skip-ssl > $MYSQL_TMP_DIR/backup2.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup2.out
}
if ($err==0)
{
--echo # All good
}
--echo #
--echo # Attempt 3: TCP, disable-ssl-verify-server-cert
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup3 --port=$MASTER_MYPORT --protocol=tcp --disable-ssl-verify-server-cert > $MYSQL_TMP_DIR/backup3.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup3.out
}
if ($err==0)
{
--echo # All good
}
--echo #
--echo # Attempt 4: Socket, no special options
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup4 --socket=$MASTER_MYSOCK --protocol=socket > $MYSQL_TMP_DIR/backup4.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup4.out
}
if ($err==0)
{
--echo # All good
}
--echo #
--echo # Attempt 5: Socket, skip-ssl
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup5 --socket=$MASTER_MYSOCK --protocol=socket --skip-ssl > $MYSQL_TMP_DIR/backup5.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup5.out
}
if ($err==0)
{
--echo # All good
}
--echo #
--echo # Attempt 6: Socket, disable-ssl-verify-server-cert
--exec $XTRABACKUP --backup -uroot --target-dir=$MYSQL_TMP_DIR/backup6 --socket=$MASTER_MYSOCK --protocol=socket --disable-ssl-verify-server-cert > $MYSQL_TMP_DIR/backup6.out 2>&1
--let $err= $sys_errno
if ($err)
{
--cat_file $MYSQL_TMP_DIR/backup6.out
}
if ($err==0)
{
--echo # All good
}
bb-11.3-serg 9c96b8f5d48a181386807b1f3151154d21cc059c
# Attempt 1: TCP, no special options
[00] 2023-10-13 20:49:27 Connecting to MariaDB server host: localhost, user: root, password: not set, port: 16000, socket: /run/mysqld/mysqld.sock
[00] 2023-10-13 20:49:27 Failed to connect to MariaDB server: SSL connection error: SSL certificate is self-signed.
#
# Attempt 2: TCP, skip-ssl
[00] 2023-10-13 20:49:27 Connecting to MariaDB server host: localhost, user: root, password: not set, port: 16000, socket: /run/mysqld/mysqld.sock
[00] 2023-10-13 20:49:27 Failed to connect to MariaDB server: SSL connection error: SSL certificate is self-signed.
#
# Attempt 3: TCP, disable-ssl-verify-server-cert
# All good
#
# Attempt 4: Socket, no special options
[00] 2023-10-13 20:49:29 Connecting to MariaDB server host: localhost, user: root, password: not set, port: not set, socket: /mnt8t/src/bb-11.3-serg/mysql-test/var/tmp/mysqld.1.sock
[00] 2023-10-13 20:49:29 Failed to connect to MariaDB server: SSL connection error: SSL certificate is self-signed.
#
# Attempt 5: Socket, skip-ssl
[00] 2023-10-13 20:49:29 Connecting to MariaDB server host: localhost, user: root, password: not set, port: not set, socket: /mnt8t/src/bb-11.3-serg/mysql-test/var/tmp/mysqld.1.sock
[00] 2023-10-13 20:49:29 Failed to connect to MariaDB server: SSL connection error: SSL certificate is self-signed.
#
# Attempt 6: Socket, disable-ssl-verify-server-cert
# All good
is caused by
MDEV-31857
enable --ssl-verify-server-cert by default
Closed
{"report":{"fcp":906.7999999821186,"ttfb":275.09999999403954,"pageVisibility":"visible","entityId":125792,"key":"jira.project.issue.view-issue","isInitial":true,"threshold":1000,"elementTimings":{},"userDeviceMemory":8,"userDeviceProcessors":64,"apdex":0.5,"journeyId":"e7c45d4f-0d62-4043-8163-a019b764552b","navigationType":0,"readyForUser":1019.5,"redirectCount":0,"resourceLoadedEnd":1057.0999999940395,"resourceLoadedStart":280.19999998807907,"resourceTiming":[{"duration":50.400000005960464,"initiatorType":"link","name":"https://jira.mariadb.org/s/2c21342762a6a02add1c328bed317ffd-CDN/lu2bv2/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/css/_super/batch.css","startTime":280.19999998807907,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":280.19999998807907,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":330.59999999403954,"responseStart":0,"secureConnectionStart":0},{"duration":50.5,"initiatorType":"link","name":"https://jira.mariadb.org/s/7ebd35e77e471bc30ff0eba799ebc151-CDN/lu2bv2/820016/12ta74/2380add21a9a1006587582385952de73/_/download/contextbatch/css/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":280.39999997615814,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":280.39999997615814,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":330.89999997615814,"responseStart":0,"secureConnectionStart":0},{"duration":113.40000000596046,"initiatorType":"script","name":"https://jira.mariadb.org/s/e9b27a47da5fb0f74a35acd57e9847fb-CDN/lu2bv2/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/js/_super/batch.js?locale=en","startTime":280.59999999403954,"connectEnd":280.59999999403954,"connectStart":280.59999999403954,"domainLookupEnd":280.59999999403954,"domainLookupStart":280.59999999403954,"fetchStart":280.59999999403954,"redirectEnd":0,"redirectStart":0,"requestStart":280.59999999403954,"responseEnd":394,"responseStart":394,"secureConnectionStart":280.59999999403954},{"duration":207.7000000178814,"initiatorType":"script","name":"https://jira.mariadb.org/s/c32eb0da7ad9831253f8397e6cc26afd-CDN/lu2bv2/820016/12ta74/2380add21a9a1006587582385952de73/_/download/contextbatch/js/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&locale=en&slack-enabled=true","startTime":280.7999999821186,"connectEnd":280.7999999821186,"connectStart":280.7999999821186,"domainLookupEnd":280.7999999821186,"domainLookupStart":280.7999999821186,"fetchStart":280.7999999821186,"redirectEnd":0,"redirectStart":0,"requestStart":280.7999999821186,"responseEnd":488.5,"responseStart":488.5,"secureConnectionStart":280.7999999821186},{"duration":211.2999999821186,"initiatorType":"script","name":"https://jira.mariadb.org/s/bc0bcb146314416123c992714ee00ff7-CDN/lu2bv2/820016/12ta74/c92c0caa9a024ae85b0ebdbed7fb4bd7/_/download/contextbatch/js/atl.global,-_super/batch.js?locale=en","startTime":281.09999999403954,"connectEnd":281.09999999403954,"connectStart":281.09999999403954,"domainLookupEnd":281.09999999403954,"domainLookupStart":281.09999999403954,"fetchStart":281.09999999403954,"redirectEnd":0,"redirectStart":0,"requestStart":281.09999999403954,"responseEnd":492.39999997615814,"responseStart":492.39999997615814,"secureConnectionStart":281.09999999403954},{"duration":211.59999999403954,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bv2/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-en/jira.webresources:calendar-en.js","startTime":281.19999998807907,"connectEnd":281.19999998807907,"connectStart":281.19999998807907,"domainLookupEnd":281.19999998807907,"domainLookupStart":281.19999998807907,"fetchStart":281.19999998807907,"redirectEnd":0,"redirectStart":0,"requestStart":281.19999998807907,"responseEnd":492.7999999821186,"responseStart":492.7999999821186,"secureConnectionStart":281.19999998807907},{"duration":211.69999998807907,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bv2/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-localisation-moment/jira.webresources:calendar-localisation-moment.js","startTime":281.5,"connectEnd":281.5,"connectStart":281.5,"domainLookupEnd":281.5,"domainLookupStart":281.5,"fetchStart":281.5,"redirectEnd":0,"redirectStart":0,"requestStart":281.5,"responseEnd":493.19999998807907,"responseStart":493.19999998807907,"secureConnectionStart":281.5},{"duration":255.5,"initiatorType":"link","name":"https://jira.mariadb.org/s/b04b06a02d1959df322d9cded3aeecc1-CDN/lu2bv2/820016/12ta74/a2ff6aa845ffc9a1d22fe23d9ee791fc/_/download/contextbatch/css/jira.global.look-and-feel,-_super/batch.css","startTime":281.69999998807907,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":281.69999998807907,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":537.1999999880791,"responseStart":0,"secureConnectionStart":0},{"duration":211.90000000596046,"initiatorType":"script","name":"https://jira.mariadb.org/rest/api/1.0/shortcuts/820016/47140b6e0a9bc2e4913da06536125810/shortcuts.js?context=issuenavigation&context=issueaction","startTime":281.7999999821186,"connectEnd":281.7999999821186,"connectStart":281.7999999821186,"domainLookupEnd":281.7999999821186,"domainLookupStart":281.7999999821186,"fetchStart":281.7999999821186,"redirectEnd":0,"redirectStart":0,"requestStart":281.7999999821186,"responseEnd":493.69999998807907,"responseStart":493.59999999403954,"secureConnectionStart":281.7999999821186},{"duration":255.5,"initiatorType":"link","name":"https://jira.mariadb.org/s/3ac36323ba5e4eb0af2aa7ac7211b4bb-CDN/lu2bv2/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/css/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.css?jira.create.linked.issue=true","startTime":281.89999997615814,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":281.89999997615814,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":537.3999999761581,"responseStart":0,"secureConnectionStart":0},{"duration":212.09999999403954,"initiatorType":"script","name":"https://jira.mariadb.org/s/719848dd97ebe0663199f49a3936487a-CDN/lu2bv2/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/js/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.js?jira.create.linked.issue=true&locale=en","startTime":282.09999999403954,"connectEnd":282.09999999403954,"connectStart":282.09999999403954,"domainLookupEnd":282.09999999403954,"domainLookupStart":282.09999999403954,"fetchStart":282.09999999403954,"redirectEnd":0,"redirectStart":0,"requestStart":282.09999999403954,"responseEnd":494.19999998807907,"responseStart":494.19999998807907,"secureConnectionStart":282.09999999403954},{"duration":424.40000000596046,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bv2/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-js/jira.webresources:bigpipe-js.js","startTime":287.7999999821186,"connectEnd":287.7999999821186,"connectStart":287.7999999821186,"domainLookupEnd":287.7999999821186,"domainLookupStart":287.7999999821186,"fetchStart":287.7999999821186,"redirectEnd":0,"redirectStart":0,"requestStart":287.7999999821186,"responseEnd":712.1999999880791,"responseStart":712.1999999880791,"secureConnectionStart":287.7999999821186},{"duration":672.2000000178814,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bv2/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-init/jira.webresources:bigpipe-init.js","startTime":287.89999997615814,"connectEnd":287.89999997615814,"connectStart":287.89999997615814,"domainLookupEnd":287.89999997615814,"domainLookupStart":287.89999997615814,"fetchStart":287.89999997615814,"redirectEnd":0,"redirectStart":0,"requestStart":287.89999997615814,"responseEnd":960.0999999940395,"responseStart":960.0999999940395,"secureConnectionStart":287.89999997615814},{"duration":163.7000000178814,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":548.8999999761581,"connectEnd":548.8999999761581,"connectStart":548.8999999761581,"domainLookupEnd":548.8999999761581,"domainLookupStart":548.8999999761581,"fetchStart":548.8999999761581,"redirectEnd":0,"redirectStart":0,"requestStart":548.8999999761581,"responseEnd":712.5999999940395,"responseStart":712.5999999940395,"secureConnectionStart":548.8999999761581},{"duration":248.7000000178814,"initiatorType":"link","name":"https://jira.mariadb.org/s/d5715adaadd168a9002b108b2b039b50-CDN/lu2bv2/820016/12ta74/be4b45e9cec53099498fa61c8b7acba4/_/download/contextbatch/css/jira.project.sidebar,-_super,-project.issue.navigator,-jira.general,-jira.browse.project,-jira.view.issue,-jira.global,-atl.general,-com.atlassian.jira.projects.sidebar.init/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":808.3999999761581,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":808.3999999761581,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":1057.0999999940395,"responseStart":0,"secureConnectionStart":0}],"fetchStart":0,"domainLookupStart":0,"domainLookupEnd":0,"connectStart":0,"connectEnd":0,"requestStart":87,"responseStart":275,"responseEnd":283,"domLoading":278,"domInteractive":1081,"domContentLoadedEventStart":1081,"domContentLoadedEventEnd":1124,"domComplete":1886,"loadEventStart":1886,"loadEventEnd":1887,"userAgent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)","marks":[{"name":"bigPipe.sidebar-id.start","time":1069},{"name":"bigPipe.sidebar-id.end","time":1069.699999988079},{"name":"bigPipe.activity-panel-pipe-id.start","time":1069.7999999821186},{"name":"bigPipe.activity-panel-pipe-id.end","time":1072.2999999821186},{"name":"activityTabFullyLoaded","time":1136.699999988079}],"measures":[],"correlationId":"c31a2cf7c43cc0","effectiveType":"4g","downlink":10,"rtt":0,"serverDuration":111,"dbReadsTimeInMs":14,"dbConnsTimeInMs":27,"applicationHash":"9d11dbea5f4be3d4cc21f03a88dd11d8c8687422","experiments":[]}}
Bug
Critical
MDEV-31857 enable --ssl-verify-server-cert by default