Bug #50076 SSL error messages are useless
Submitted: 5 Jan 2010 7:53 Modified: 11 Jan 2010 10:56
Reporter: Arkadiusz Miskiewicz (Basic Quality Contributor) Email Updates:
Status: Duplicate Impact on me:
Category:MySQL Server: Errors Severity:S3 (Non-critical)
Version:5.1.42 OS:Any
Assigned to: CPU Architecture:Any

[5 Jan 2010 7:53] Arkadiusz Miskiewicz
mysql command line client (and likely error reporting via API, too) is totally useless because it tells us nothing:

$ mysql -u arekm -p -h somehost
Enter password:
ERROR 2026 (HY000): SSL connection error

openssl library is perfectly capable of delivering proper, detailed error message. mysql library unfortunately doesn't use that capability for error reporting.

That's very bad since user has to guess what "SSL connection error" means.

How to repeat:
Connect via SSL to some mysql server with wrong cert (or any other ssl related failure) to get SSL connection error.

Suggested fix:
Make vio/rviosslfactories.c:report_errors() report error also when not in debug mode?

Or better report proper error in form:
"ERROR 2026 (HY000): SSL connection error: ERROR STRING FROM SSL LIBRARY"

which would tell us what the real problem is.
[11 Jan 2010 10:56] Sveta Smirnova
Thank you for the report.

This is duplicate of already verified bug #21287