Bug #74034 No info about chained certificates
Submitted: 23 Sep 2014 12:32 Modified: 5 Nov 2014 17:25
Reporter: Daniël van Eeden (OCA) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Documentation Severity:S3 (Non-critical)
Version:3.0 OS:Any
Assigned to: Edward Gilmore CPU Architecture:Any
Tags: chained, intermediate, SSL, tls

[23 Sep 2014 12:32] Daniël van Eeden 
Description:
For some SSL certificates it is necessary to load intermediate certificates. This is not documented.

http://dev.mysql.com/doc/mysql-monitor/3.0/en/mem-ssl-installation.html

It should be documented:
- If this is supported or not
- How to configure it 

How to repeat:
Try to configure MEM with a SSL certificate which is not directly trusted by the browser and needs an intermediate certificate to build a full certificate path.
[23 Sep 2014 12:50] Mark Leith 
Verifying, thanks for the request.
[23 Sep 2014 12:53] Daniël van Eeden 
I configured it by changing apache-tomcat/conf/server.xml

Added to the line with 'Connector port="18443"':
SSLCertificateChainFile="/opt/mysql/enterprise/monitor/apache-tomcat/conf/ssl/tomcat.int.pem"
[5 Nov 2014 17:25] Edward Gilmore 
Included in 3.0.16 documentation