When trying to connect to a SSL secured MySQL server (version 4.0.13-r3) with the mysql client, I get the message "ERROR 2026: SSL CONNECTION ERROR". strace given't any usefull output, no error message in mysql.log. When using version 4.0.12 no problems with client ssl connection. Here my my.cnf file: [client] host=localhost port=3306 user=******* password=******** socket=/var/run/mysqld/mysqld.sock ssl-cert=/etc/mysql/server.crt ssl-key=/etc/mysql/server.key [safe_mysqld] err-log=/var/log/mysql/mysql.err [mysqld] skip-innodb user=mysql pid-file=/var/run/mysqld/mysqld.pid socket=/var/run/mysqld/mysqld.sock bind-address=127.0.0.1 port=3306 log=/var/log/mysql/mysql.log basedir=/usr datadir=/home/mysql tmpdir=/tmp language=/usr/share/mysql/german skip-locking server-id=1 set-variable=key_buffer=16M set-variable=max_allowed_packet=1M set-variable=thread_stack=128K ssl-cert=/etc/mysql/server.crt ssl-key=/etc/mysql/server.key [mysqldump] quick set-variable=max_allowed_packet=1M [mysql] no-auto-rehash [isamchk] set-variable=key_buffer=16M set-variable=sort_buffer=16M [myisamchk] set-variable=key_buffer=16M set-variable=sort_buffer=16m [mysqlhotcopy] interactive-timeout
Well, I missed something. I use OpenSSL version 0.9.6j. Trying 0.9.7 on weekend
Any update on this?
No solution with 0.9.7. I've had post a bug on the MySQL web site (http://bugs.mysql.com/bug.php?id=673&error=no). The problem is the new mysql version. It seems that the SSL handling is incompatible between 4.0.12 and 4.0.13. Furthermore I've received a message from a MySQL user which works with the developer on a solution. Here the content of the mail: "I have verified the problem. I am working with the development team. I hope to have them maintain compatiablity but some cases require changes. This may be one of them. Thanks for you Report." IMHO there are two solutions for installing MySQL 4.0.13 on gentoo: 1. Masking the package. When installing it manually there should be a message which says that SSL is broken 2. No masking, but message that SSL is broken and 4.0.12 should be used when SSL is needed.
Solution #2 done.