Bug #24063 Starting MySQL Server as service (Win) it starts without SSL (despite well conf)
Submitted: 7 Nov 2006 21:33 Modified: 12 Mar 2007 18:38
Reporter: Matthias Rötzer Email Updates:
Status: Can't repeat Impact on me:
Category:MySQL Server Severity:S3 (Non-critical)
Version:5.0.27 OS:Windows (Windows (2000, XP, 2003))
Assigned to: CPU Architecture:Any

[7 Nov 2006 21:33] Matthias Rötzer

The MySQL Server is configured for use with SSL under Windows (XP or 2000 or 2003 doesn´t make a difference!)

This works fine as long as the server is started in application mode. (Connections with different clients over SSL can be made.

As soon as the server is installed as a service (eg. with "mysqld --install"), the server starts without any error message but SSL connections wont work!

I used exactly the same my.ini file in both cases! Nothing was tempered with, but the installation of the service!

As soon as the service is removed (eg. "mysqld --remove") and started in application mode, everything works fine again!

How to repeat:

* Install MySQL Server.
* Configure it for SSL.
* Test it in application mode
* Test it in service mode

Suggested fix:

Use workaround and start server in application mode!
[28 Nov 2006 17:42] MySQL Verification Team
Thank you for the bug report. Could you please provide your my.ini when
testing as service. Thanks in advance.
[28 Nov 2006 19:40] Matthias Rötzer
config file for using MySQL with SSL

Attachment: my.ini (application/octet-stream, text), 9.23 KiB.

[29 Nov 2006 13:51] Matthias Rötzer
I´ve already provided the requested file, but the status is still on "need feedback". It seems that upploading a file isn´t automatically recognized as feedback!?
Best regards
[8 Dec 2006 15:18] MySQL Verification Team
Thank you for the feedback. I was unable to repeat the behavior reported
below how I got the connection with SSL with the server started as

C:\mydb\bin>net start mysql

O serviço de MySQL foi iniciado com êxito.

C:\mydb\bin>sc qc mysql
[SC] GetServiceConfig SUCCESS

        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Arquivos de programas\MySQL\MySQL Server 5.0\bin\mysqld-nt" --defaults-file="C:\Arquivos de programas\
MySQL\MySQL Server 5.0\my.ini" MySQL
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : MySQL
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\mydb\bin>sc query mysql

        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 4  RUNNING
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

C:\mydb\bin>mysql --defaults-file="C:\Arquivos de programas\MySQL\MySQL Server 5.0\my.ini" -uroot -P3307
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.27-community-nt MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show variables like "%ssl%";
| Variable_name | Value                                                               |
| have_openssl  | YES                                                                 |
| ssl_ca        | C:/Arquivos de programas/MySQL/MySQL Server 5.0/bin/cacert.pem      |
| ssl_capath    |                                                                     |
| ssl_cert      | C:/Arquivos de programas/MySQL/MySQL Server 5.0/bin/server-cert.pem |
| ssl_cipher    |                                                                     |
| ssl_key       | C:/Arquivos de programas/MySQL/MySQL Server 5.0/bin/server-key.pem  |
6 rows in set (0.00 sec)

[12 Mar 2007 18:38] Matthias Rötzer
The problem has now been solved!
The key to the solution was the my.ini file!

The server in application mode is able to load the *.pem files given within the  my.ini file without any path necessary if they are located in the "bin" folder of the MySQL server installation!

The server in service mode isn't able to load the *.pem files from the bin folder automatically, unless the full path is specified in the my.ini file!

I suggest that this is fixed in one of the next updates. At least the behaviour should be the same in both modes!