Bug #31360 SSL certificate files in my.cnf are not relative to datadir
Submitted: 2 Oct 2007 23:40 Modified: 28 Mar 2011 23:42
Reporter: Matt Sturtz Email Updates:
Status: Can't repeat Impact on me:
Category:MySQL Server: General Severity:S3 (Non-critical)
Version:5.0.46-0.rhel3 OS:Linux
Assigned to: CPU Architecture:Any

[2 Oct 2007 23:40] Matt Sturtz
When specifying certificate file options in my.cnf, filenames are not relative to datadir.  All other my.cnf options, such as the 'log' and 'log-bin', are relative to datadir if not specified with a full pathname

How to repeat:
ca-cert.pem, server-cert.pem, and server-key.pem are all in /var/lib/mysql

The following my.cnf config does not work:

   #SSL configuration...
   ssl-ca          = ca-cert.pem
   ssl-cert        = server-cert.pem
   ssl-key         = server-key.pem

...It generates the following error:

SSL error: Unable to get certificate from 'server-cert.pem'
071002 18:11:50 [Warning] Failed to setup SSL

Adding the full pathname to those three .pem files fixes the issue.
[3 Oct 2007 14:38] Peter Laursen
this may be related:

[28 Mar 2011 23:42] Sveta Smirnova
Thank you for the report.

This was actually fixed at least in version 5.1