Bug #48881 Openssl certificate with password
Submitted: 18 Nov 2009 20:30 Modified: 3 Feb 2010 9:44
Reporter: Christoph E Schultz Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server: Command-line Clients Severity:S3 (Non-critical)
Version:5.1.41 Community OS:Windows (WinXP SP3 OpenSSL0.9.8k)
Assigned to: CPU Architecture:Any
Tags: openssl

[18 Nov 2009 20:30] Christoph E Schultz 
Description:
I have created an OpenSSL certificate with passwort as shown in the Documentation for MySQL 5.1 servers and add the files location to the my.ini file in server and client Section. if i use the certificate MySQL this was written to the logfile:
 091118  0:31:36  InnoDB: Started; log sequence number 0 220787
SSL error: Unable to get private key from 'C:/Dokumente und Einstellungen/Christophle/server-key.pem'
091118  0:31:36 [Warning] Failed to setup SSL
091118  0:31:36 [Warning] SSL error: Unable to get private key
091118  0:31:36 [Note] Event Scheduler: Loaded 0 events
091118  0:31:36 [Note] C:\Programme\MySQL\MySQL Server 5.1\bin\mysqld: ready for connections.
C:\Dokumente und Einstellungen\Christophle>mysql -u root -p
Enter password: ******
SSL error: Unable to get private key from 'C:/Dokumente und Einstellungen/Christ
ophle/client-key.pem'
ERROR 2026 (HY000): SSL connection error

If I delete the password in the key-file, the certificate of OpenSSL could be loaded into the server and the servers SSL-Variables are turned on

I tried to set the same userpasswd for the user root@localhost as in the private key. and it did't work.

Yours Christoph Schultz

How to repeat:
create key and cert files like shown in the Documentation and try.
[30 Nov 2009 21:27] MySQL Verification Team 
Thank you for the bug report. Could you please point the exactly Manual URL instructions you have used to create the SSL files?. Thanks in advance.
[1 Dec 2009 17:58] Christoph E Schultz 
Here the URL to the Documentation how to create ssl-certs:
<a href=http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html> secure-create-certs.html</a>
[1 Dec 2009 17:59] Christoph E Schultz 
Here the URL to the Documentation how to create ssl-certs:
http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html
[3 Feb 2010 9:44] Sveta Smirnova 
Thank you for the feedback.

> If I delete the password in the key-file, the certificate of OpenSSL could be loaded into
> the server and the servers SSL-Variables are turned on

This is correct behavior. There are 2 instructions to remove the passphrase from the key in the manual on the page link to you provided in previous comment. So this not a bug.