Bug #11548 | Not recognizing ssl-ca, ssl-cert and ssl-key variables in my.cnf | ||
---|---|---|---|
Submitted: | 24 Jun 2005 16:45 | Modified: | 7 Jul 2005 0:48 |
Reporter: | Matthew Schultz | Email Updates: | |
Status: | Can't repeat | Impact on me: | |
Category: | MySQL Server | Severity: | S1 (Critical) |
Version: | 4.1.12 | OS: | Linux (CentOS 4 (Derivative of Redhat)) |
Assigned to: | CPU Architecture: | Any |
[24 Jun 2005 16:45]
Matthew Schultz
[24 Jun 2005 17:08]
Matthew Schultz
I should also mention that I ran a make test and I got this: openssl_1 [ skipped ]
[24 Jun 2005 17:20]
Matthew Schultz
The openssl version is: 0.9.7a
[4 Jul 2005 3:11]
Lucian Kafka
Same issue using the RPMs Linux x86 for both 4.1.11, 4.1.12-1
[4 Jul 2005 3:13]
Lucian Kafka
Running on Fedora Core 3 I should have mentioned in the post above.
[6 Jul 2005 22:10]
MySQL Verification Team
mysqlbinlog not recognize the ssl variables, then use the prefix loose in your my.cnf for those variables. I verified using the mysql client with the ssl variables in the my.cnf and from the command line: miguel@hegel:/share/dbs/4.1$ bin/mysql -umiguel -p \ > --ssl-ca=/home/miguel/SSL/cacert.pem \ > --ssl-cert=/home/miguel/SSL/client-cert.pem \ > --ssl-key=/home/miguel/SSL/client-key.pem Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 4 to server version: 4.1.13-debug-log Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> show variables like "%openssl%"; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_openssl | YES | +---------------+-------+ 1 row in set (0.00 sec)
[7 Jul 2005 0:31]
Matthew Schultz
Did you try running make test? When I ran that, it said openssl failed to build in which leads me to believe that what is being shown in SHOW VARIABLES is in fact false.
[7 Jul 2005 0:33]
Matthew Schultz
What do you mean by this statement: then use the prefix loose in your my.cnf for those variables What is this prefix, loose?
[7 Jul 2005 0:48]
MySQL Verification Team
You be aware that not all the clients and tools support the same variables, then how you verified mysqlbinlog aborts with errors messages, for to avoid this you should use in the client group: [client] loose-ssl-ca=/home/miguel/SSL/cacert.pem loose-ssl-cert=/home/miguel/SSL/client-cert.pem loose-ssl-key=/home/miguel/SSL/client-key.pem in this way tools and client ignores variables not supported.