Re: C5 recent openssl update breaks mysql SSL connection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 08/17/2015 10:57 AM, Tony Mountifield wrote:
> I recently applied updates to a CentOS 5 box running MySQL. I've discovered
> that the new version of openssl, 0.9.8e-36.0.1.el5_11, breaks MySQL SSL
> connections.
> 
> If I rename /lib/libssl.so.0.9.8e and replace it with the old version of
> that file from openssl-0.9.8e-27.el5_10.1 (not sure if that is the next
> oldest, but it was handy), then SSL connection to MySQL works again.
> 
> I then performed cross-checks using the server with new libssl and the
> client with old, and then vice versa. What I found was that it didn't
> matter whether the server was started with the old libssl or the new libssl.
> In both cases, the mysql client would only connect using the old libssl,
> and not when using the new libssl.
> 
> When it works with the old libssl, I can confirm that SSL is in use:
> 
> mysql> \s
> --------------
> mysql  Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (i386) using readline 5.1
> 
> Connection id:          2
> Current database:
> Current user:           root@localhost
> SSL:                    Cipher in use is DHE-RSA-AES256-SHA
> 
> The error with the new libssl looks like this:
> 
> [root@hostname ~]# mysql
> ERROR 2026 (HY000): SSL connection error
> 
> Has anyone else come across this? Is it a bug in SSL? Or a new restriction?
> Do I need to regenerate my certificates using the new openssl?
> 
> Cheers
> Tony
> 

You should now be using mysql55 on CentOS-5, not mysql-5.0

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux