Mistaken SSL error connecting to MariaDB 10.1

[falcon]

When I try to connect to MariaDB 10.1 in SSL mode, hitting the Test Connection button displays the following error: “You are trying to connect through SSL to a server which is not configured for SSL.
SQLyog will continue connecting in normal mode.”

The connection then succeeds, even though that particular user has REQUIRE SSL grants (which is the correct behavior). So I assume it’s using SSL despite the message to the contrary.

If I then disable SSL encryption, trying to connect will fail (again, as expected).

The message is obviously mistaken. This may be because MariaDB uses has_ssl and has_openssl separately to determine whether it was compiled with openSSL or YaSSL.

Output from “Show Variables LIKE ‘%ssl%'”:

"Variable_name"	"Value"
"have_openssl"	"NO"
"have_ssl"	"YES"
"ssl_ca"	"/etc/mysql/ssl/ca-cert.pem"
"ssl_capath"	""
"ssl_cert"	"/etc/mysql/ssl/server-cert.pem"
"ssl_cipher"	""
"ssl_crl"	""
"ssl_crlpath"	""
"ssl_key"	"/etc/mysql/ssl/server-key.pem"
"version_ssl_library"	"YaSSL 2.4.2"

SHOW GRANTS FOR rootssl@<ip>:
GRANT ALL PRIVILEGES ON *.* TO ‘rootssl’@'<ip>’ IDENTIFIED BY PASSWORD ‘*<pass>’ REQUIRE SSL WITH GRANT OPTION

[Sibin A S]

Hi,

The output that you shared shows “have_openssl” has the value ‘NO’. This means that you need to recompile or reinstall MySQL.

If you see “DISABLED” next to “have_openssl” and “have_ssl”, great – that means that your copy of MySQL supports SSL. and if ‘Yes’ then SSL is setup.

Please refer the MySQL official documentation, here

Regards,
Sibin

[Author]

Posts