mariadb 10.6.4 SSL access with mysql-workbench
You are viewing an old version of this question. View
the current version here.
hello -
i am trying to use google-workbench to connect to a MariaDB server.
i have a 10.5.12 server running on the google-cloud, and i am indeed very successful to access the server no problem using mysql-workbench, but i am unable to use mysql-workbench connect to a 10.6.4 running locally on a virtualbox vm.
here are my 10.5.2 settings on the google-cloud:
[mariadb-10.5] ssl_cert = /etc/my.cnf.d/certificates/server-cert.pem ssl_key = /etc/my.cnf.d/certificates/server-key.pem ssl_ca = /etc/my.cnf.d/certificates/ca.pem
SHOW GLOBAL VARIABLES LIKE '%Ssl%'; +---------------------+--------------------------------------------+ | Variable_name | Value | +---------------------+--------------------------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /etc/my.cnf.d/certificates/ca.pem | | ssl_capath | | | ssl_cert | /etc/my.cnf.d/certificates/server-cert.pem | | ssl_cipher | | | ssl_crl | | | ssl_crlpath | | | ssl_key | /etc/my.cnf.d/certificates/server-key.pem | | version_ssl_library | OpenSSL 1.1.1g FIPS 21 Apr 2020 | +---------------------+--------------------------------------------+ 10 rows in set (0.001 sec)
status -------------- mariadb Ver 15.1 Distrib 10.5.12-MariaDB, for Linux (x86_64) using readline 5.1 Connection id: 23 Current database: Current user: root@localhost SSL: Not in use Current pager: stdout Using outfile: '' Using delimiter: ; Server: MariaDB Server version: 10.5.12-MariaDB MariaDB Server Protocol version: 10 Connection: Localhost via UNIX socket Server characterset: latin1 Db characterset: latin1 Client characterset: utf8 Conn. characterset: utf8 UNIX socket: /var/lib/mysql/mysql.sock Uptime: 1 hour 57 min 24 sec Threads: 3 Questions: 118 Slow queries: 0 Opens: 20 Open tables: 13 Queries per second avg: 0.016 --------------
however, when i try this on 10.6.4 using near-identical my.cnf.d file, i get this message below (and also on mysql-workbench) (notice have_ssl keeps showing as 'disabled')
mariadb --ssl-verify-server-cert ; ERROR 2026 (HY000): SSL connection error: SSL is required, but the server does not support it
here are my settings:
[mariadb-10.6] ssl_cert = /etc/my.cnf.d/certificates/server-cert.pem ssl_key = /etc/my.cnf.d/certificates/server-key.pem ssl_ca = /etc/my.cnf.d/certificates/ca.pem
SHOW VARIABLES LIKE '%ssl%'; +---------------------+--------------------------------------------+ | Variable_name | Value | +---------------------+--------------------------------------------+ | have_openssl | YES | | have_ssl | DISABLED | | ssl_ca | /etc/my.cnf.d/certificates/ca.pem | | ssl_capath | | | ssl_cert | /etc/my.cnf.d/certificates/server-cert.pem | | ssl_cipher | AES128+EECDH:AES128+EDH | | ssl_crl | | | ssl_crlpath | | | ssl_key | /etc/my.cnf.d/certificates/server-key.pem | | version_ssl_library | OpenSSL 1.1.1g FIPS 21 Apr 2020 | +---------------------+--------
MariaDB [(none)]> status -------------- mariadb Ver 15.1 Distrib 10.6.4-MariaDB, for Linux (x86_64) using readline 5.1 Connection id: 6 Current database: Current user: root@localhost SSL: Not in use Current pager: stdout Using outfile: '' Using delimiter: ; Server: MariaDB Server version: 10.6.4-MariaDB MariaDB Server Protocol version: 10 Connection: Localhost via UNIX socket Server characterset: latin1 Db characterset: latin1 Client characterset: utf8mb3 Conn. characterset: utf8mb3 UNIX socket: /var/lib/mysql/mysql.sock Uptime: 8 min 34 sec Threads: 1 Questions: 12 Slow queries: 0 Opens: 18 Open tables: 11 Queries per second avg: 0.023 --------------
oddly enough, on 10.5 i get this message:
mariadb --ssl-verify-server-cert ERROR 2026 (HY000): SSL connection error: self signed certificate in certificate chain
but at least mysql-workbench is working!!
any suggestions?
EDIT: i am also seeing these error messages:
Nov 08 16:56:19 localhost.localdomain mariadbd[13322]: 2021-11-08 16:56:19 7 [Warning] Aborted connection 7 to db: 'unconnected' user: 'unauthenticated' host: '192.168.123.190' (This connection closed normally without authentication)
Comments
Comments loading...
Content reproduced on this site is the property of its respective owners,
and this content is not reviewed in advance by MariaDB. The views, information and opinions
expressed by this content do not necessarily represent those of MariaDB or any other party.