469,923 Members | 1,785 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,923 developers. It's quick & easy.

Does SSL really work in mysql 4.0.21?

bash-2.05b# ldd mysql
libcurses.so.1 => /usr/lib/libcurses.so.1
libmysqlclient.so.12 =>
/sandbox/mysql-4.0.21/lib/mysql/libmysqlclient.so.12
libz.so.1 => /usr/lib/libz.so.1
librt.so.1 => /usr/lib/librt.so.1
libcrypt_i.so.1 => /usr/lib/libcrypt_i.so.1
libgen.so.1 => /usr/lib/libgen.so.1
libsocket.so.1 => /usr/lib/libsocket.so.1
libnsl.so.1 => /usr/lib/libnsl.so.1
libssl.so.0.9.8 => /sandbox/openssl/lib/libssl.so.0.9.8
libcrypto.so.0.9.8 =>
/sandbox/openssl/lib/libcrypto.so.0.9.8
libm.so.1 => /usr/lib/libm.so.1
libgcc_s.so.1 => /opt/gcc-3.0.4/lib//libgcc_s.so.1
libc.so.1 => /usr/lib/libc.so.1
libaio.so.1 => /usr/lib/libaio.so.1
libdl.so.1 => /usr/lib/libdl.so.1
libmp.so.2 => /usr/lib/libmp.so.2
/usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
bash-2.05b#

bash-2.05b# ldd ../libexec/mysqld
librt.so.1 => /usr/lib/librt.so.1
libdl.so.1 => /usr/lib/libdl.so.1
libssl.so.0.9.8 => /sandbox/openssl/lib/libssl.so.0.9.8
libcrypto.so.0.9.8 =>
/sandbox/openssl/lib/libcrypto.so.0.9.8
libpthread.so.1 => /usr/lib/libpthread.so.1
libthread.so.1 => /usr/lib/libthread.so.1
libz.so.1 => /usr/lib/libz.so.1
libcrypt_i.so.1 => /usr/lib/libcrypt_i.so.1
libgen.so.1 => /usr/lib/libgen.so.1
libsocket.so.1 => /usr/lib/libsocket.so.1
libnsl.so.1 => /usr/lib/libnsl.so.1
libm.so.1 => /usr/lib/libm.so.1
libgcc_s.so.1 => /opt/gcc-3.0.4/lib//libgcc_s.so.1
libc.so.1 => /usr/lib/libc.so.1
libaio.so.1 => /usr/lib/libaio.so.1
libmp.so.2 => /usr/lib/libmp.so.2
/usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
bash-2.05b#
mysql> show variables like '%ssl%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_openssl | YES |
+---------------+-------+
1 row in set (0.01 sec)

mysql>

[mysqld]
ssl-ca = /sandbox/mysql-4.0.21/ca-cert.pem
ssl-cert = /sandbox/mysql-4.0.21/server-cert.pem
ssl-key = /sandbox/mysql-4.0.21/server-key.pem

client is built with ssl as well.

using it as mysql --ssl-ca=cacert.pem --ssl-cert=client-cert.pem
--ssl-key=ssl-key.pem -u test -h trojanhorse

ran command

"GRANT ALL PRIVILEGES on *.* to test@'%' REQUIRE SSL;

flush privileges.

Only thing I get is error 1045 access denied, it doesn't indicate
what/where/why.

I can connect no problem if I remove the require SSL;

Anyone have any idea? The log doesn't say anything except denied. Very
informative.

I'm starting to think this is not suppose to work, everything is setup
just like all the docs.

Jun 16 '06 #1
0 1279

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

12 posts views Thread by | last post: by
reply views Thread by Miguel Cardenas | last post: by
6 posts views Thread by Francesco Moi | last post: by
7 posts views Thread by binary-nomad | last post: by
12 posts views Thread by universalbitmapper | last post: by
113 posts views Thread by John Nagle | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.