View Single Post
  #1  
Old 23rd June 2013, 10:27
MorningCalm MorningCalm is offline
Junior Member
 
Join Date: Jun 2013
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default MySQL Database Replication With SSL Encryption for Debian Wheezy

I am trying to setup Mysql Database Replication With SSL Encryption for Debian Wheezy. I followed your howto guide for Debian Squeeze (http://www.howtoforge.com/how-to-set...debian-squeeze), but looks like things changed for Debian Wheezy.

Problem I am having is enabling SSL on the master. If I add just "ssl" to my.cnf then the output of "show variables like '%ssl%';" is :

Code:
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_openssl  | YES   |
| have_ssl      | YES   |
| ssl_ca        |       |
| ssl_capath    |       |
| ssl_cert      |       |
| ssl_cipher    |       |
| ssl_key       |       |
+---------------+-------+
7 rows in set (0.00 sec)
but when I add the ssl certs to my.cnf:
ssl
ssl-ca=/etc/mysql/newcerts/ca-cert.pem
ssl-cert=/etc/mysql/newcerts/server-cert.pem
ssl-key=/etc/mysql/newcerts/server-key.pem

the output of "show variables like '%ssl%';" is:

Code:
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id:    132
Current database: *** NONE ***

+---------------+-------------------------------------+
| Variable_name | Value                               |
+---------------+-------------------------------------+
| have_openssl  | DISABLED                            |
| have_ssl      | DISABLED                            |
| ssl_ca        | /etc/mysql/newcerts/ca-cert.pem     |
| ssl_capath    |                                     |
| ssl_cert      | /etc/mysql/newcerts/server-cert.pem |
| ssl_cipher    |                                     |
| ssl_key       | /etc/mysql/newcerts/server-key.pem  |
+---------------+-------------------------------------+
7 rows in set (0.00 sec)
I can connect from slave to master if I use mysql user that isn't required to login using ssl. Can you help me out?

Last edited by MorningCalm; 23rd June 2013 at 10:30.
Reply With Quote
Sponsored Links