Bug #51664 Add New Aggregator SSL Parameters to Agent Installer
Submitted: 2 Mar 2010 23:27 Modified: 9 Feb 2015 16:41
Reporter: Andy Bang Email Updates:
Status: No Feedback Impact on me:
Category:MySQL Enterprise Monitor: Installing Severity:S3 (Non-critical)
Version: OS:Any
Assigned to: Jan Kneschke CPU Architecture:Any

[2 Mar 2010 23:27] Andy Bang
The Aggregator now speaks SSL so we must add some new fields to the Agent installer.

We already set the following parameters in the INI file:

    # Aggregator Parameters

We now need to add the following 3 new parameters to that section:

    aggr-ssl-address=<:port>            HTTPS port (default is 14443)
    aggr-ssl-cert-file=<path-to-file>   PEM certificate file
    aggr-ssl-ca-file=<path-to-file>     CA certificate file

So on the "Query Analyzer Configuration" screen, under the "Aggregator Port" parameter, please add:

    Aggregator SSL Port: (text input field, defaults to 14443)
    PEM Certificate File: (input field with browse file control)
    CA Certificate File: (input field with browse file control)

The second two options should include a way to browse to the files, like the one we have on the "Installation Directory" screen.

Note that the SSL port is not required, but if it is specified then one of the two certificate file options should also be specified.

This will probably make the current "Query Analyzer Configuration" screen too large, so if necessary, please break this screen into two screens:

  o One called "Query Analyzer Configuration - Aggregator" that
    collects the Aggregator parameters
  o One called "Query Analyzer Configuration - Proxy" that collects
    the Proxy parameters
  o Please show or don't show these screens depending on the state of
    the checkboxes on the "Components to Install" screen (i.e. if
    Aggregator is checked and Proxy is not, only show the "Query
    Analyzer Configuration - Aggregator" screen, etc.)

How to repeat:

Suggested fix:
See Description
[4 Mar 2010 17:23] Andy Bang

If no value is specified for any one of Aggregator SSL Port, PEM Certificate File, or CA Certificate File, the corresponding parameter should not appear in the INI file.  Rather than being left blank, it should not appear at all.
[5 Mar 2010 11:26] BitRock Merlin
Patch sent to Keith.
[5 Mar 2010 18:06] Enterprise Tools JIRA Robot
Keith Russell writes: 
Patch installed in versions =>
[9 Mar 2010 21:18] Enterprise Tools JIRA Robot
Bill Weber writes: 
on windows, if the ssl portion is left blank so it doesn't appear in the ini file:

# Aggregator Parameters

get this critical error in the agent log:

2010-03-09 11:55:45: (critical) .\aggr_mainloop.c:759: lua(C:\PROGRA~1\MySQL\ENTERP~1\Agent\lib/mysql-aggregator/lua/aggr.lua) failed: ...SQL\ENTERP~1\Agent\lib/mysql-aggregator/lua/aggr.lua:12: module 'aggr_auth_cache' not found:
	no field package.preload['aggr_auth_cache']
	no file 'C:\Program Files\MySQL\Enterprise\Agent\bin\..\lib\mysql-proxy\lua\aggr_auth_cache.lua'
	no file 'C:\Program Files\MySQL\Enterprise\Agent\bin\..\lib\mysql-monitor-agent\lua\aggr_auth_cache.lua'
	no file 'C:\Program Files\MySQL\Enterprise\Agent\bin\..\lib\mysql-aggregator\lua\aggr_auth_cache.lua'
	no file 'C:\Program Files\MySQL\Enterprise\Agent\bin\lua-aggr_auth_cache.dll'
[15 Mar 2010 16:02] Jan Kneschke
Bill, please open a new bug report for your finding along 'aggr_auth_cache'.

It has independent of the "add ssl options for aggr to the installer".
[10 Feb 2015 1:00] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".