Jump to content
The Uniform Server Community

Enable SSL for MySQL


JaggedJax
 Share

Recommended Posts

I'm trying to enable SSL in MySQL, but having trouble with UniServer. Following the directions I find online and SSL is always still disabled.

 

Is there a trick to it with Uniserver? I used the Generate_server_cert_and_key batch file for apache, and tried re-using those keys. I also tried creating new keys from scratch, but the openssl this comes with throws an error saying "unknown option -CAKey" which apparently is not an issue anyone on the internet has ever had :-/

 

Here are the lines I added the mysqld section of my.ini. I can tell the keys paths are loaded in MySQL, but it still says have_openssl and have_ssl are disabled.

ssl
ssl-ca     = "C:/UniServerZ/core/apache2/server_certs/ca.pem"
ssl-cert   = "C:/UniServerZ/core/apache2/server_certs/sub.class1.server.ca.pem"
ssl-key    = "C:/UniServerZ/core/apache2/server_certs/server.key"
Link to comment
Share on other sites

I found I was getting the following error in mysql.err with the above configuration:

SSL error: Unable to get private key from 'C:/UniServerZ/core/apache2/server_certs/server.key'
2016-10-04 19:22:37 1944 [Warning] Failed to setup SSL
2016-10-04 19:22:37 1944 [Warning] SSL error: Unable to get private key

I found this article and followed the suggestion: http://dba.stackexchange.com/a/141261/31477

 

Using the new key there are no errors in the log during startup, but when attempting to connect to the server I get the error:

 

SSL connection error: unable to verify peer checksum

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...