MySQL和SSL连接失败，错误2026(HY000) [英] MySQL and SSL connection failing ERROR 2026 (HY000)

问题描述

我有一个来自Rapidssl的通配符证书，使用CN = *.mydomain.com.我有一个Web服务器和一个mysql数据库服务器.证书可以很好地访问网站.现在，我想为我的应用启用ssl到mysql.我已经在mysql服务器中启用ssl了，没问题:

I have a wildcard cert issued from rapidssl, using CN=*.mydomain.com. I have a web server and a mysql db server. The certs are working fine for web site access. Now I want to enable ssl for my app to mysql. I've enabled ssl in the mysql server without issue:

+---------------+---------------------------------+
| Variable_name | Value                           |
+---------------+---------------------------------+
| have_openssl  | YES                             |
| have_ssl      | YES                             |

但是，当我尝试使用客户端/ssl连接时，我得到: 错误2026(HY000):SSL连接错误:错误:00000001:lib(0):func(0):原因(1)

However, when I try to connect using the client/ssl, I get: ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)

这似乎记录在这里: http://dev.mysql.com/doc/refman /5.5/en/creating-ssl-certs.html

This appears to be documented here: http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html

它说我不能对证书使用相同的CN.我不知道该如何使用通配符证书.这是否意味着我还必须仅为mysql连接购买主机特定的证书?

It says I can't use the same CN for the certs. I don't understand how a wildcard cert can be used then. Does that mean I also have to purchase host specific certs just for the mysql connection?

我不太使用SSL，因此我很难确定应该如何设置.任何指针，甚至很明显的指针，都可能在此阶段有所帮助.

I don't work with SSL very much so I'm finding it difficult figuring out how this is supposed to be set up. Any pointers, even obvious ones, will likely help at this stage.

运行中: 适用于使用readline 5.1的debian-linux-gnu(x86_64)的mysql Ver 15.1 Distrib 5.5.32-MariaDB ubuntu 12.04

Running: mysql Ver 15.1 Distrib 5.5.32-MariaDB, for debian-linux-gnu (x86_64) using readline 5.1 ubuntu 12.04

推荐答案

请确保使用绝对路径到为--ssl-ca选项指定的ca-cert.

Make sure to use an absolute path to the ca-cert given for the --ssl-ca option.

相对路径或外壳扩展(例如~)将不起作用，并且会产生ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation.

Relative paths, or shell expansions (like ~) won't work and will produce ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation.

在mysql手册页或MySQL手册(

This isn't documented anywhere that I can see in the mysql man page, or in the SSL Command Options of the MySQL Manual (http://download.nust.na/pub6/mysql/doc/refman/5.1/en/ssl-options.html).

这篇关于MySQL和SSL连接失败，错误2026(HY000)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！