I'm trying to set up SSL connectivity to a Fedora Core 4 server running mysql-server-4.1.16-1.FC4.1 and not having much success. I keep getting
ERROR 2026 (HY000): SSL connection error no matter what I do. I followed the directions on http://dev.mysql.com/doc/refman/4.1/en/secure-create-certs.html to the letter, and I've cranked up all the logging possible on the server. I don't see any error messages on the server at all, and SHOW STATUS indicates that mysql is accepting SSL connections ('ssl_accepts' increments). In desperation I tried to strace(1) mysqld, but all I see is it handing the connection to a cloned child thread... and I don't know how to trace into the child (with '-f' it hangs mysqld presumably b/c the parent is wait(2)-ing on the child): select(5, [3 4], NULL, NULL, NULL) = 1 (in [3]) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 accept(3, {sa_family=AF_INET, sin_port=htons(38973), sin_addr=inet_addr("192.168.0.182")}, [16]) = 47 fcntl64(3, F_SETFL, O_RDWR) = 0 getsockname(47, {sa_family=AF_INET, sin_port=htons(3306), sin_addr=inet_addr("192.168.0.145")}, [16]) = 0 fcntl64(47, F_SETFL, O_RDONLY) = 0 fcntl64(47, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(47, F_SETFL, O_RDWR|O_NONBLOCK) = 0 setsockopt(47, SOL_IP, IP_TOS, [8], 4) = 0 setsockopt(47, SOL_TCP, TCP_NODELAY, [1], 4) = 0 time(NULL) = 1138854239 clone(child_stack=0xb3c244c4, flags=CLONE_VM|CLONE_FS|CLONE_FILES| CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS| CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID|CLONE_DETACHED, parent_tidptr=0xb3c24bf8, {entry_number:6, base_addr:0xb3c24bb0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}, child_tidptr=0xb3c24bf8) = 6918 select(5, [3 4], NULL, NULL, NULL Here's my relevant my.cnf snippets: ----8<---- cut here ----8<---- [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock ssl ssl-ca=/etc/mysql/cacert.pem ssl-cert=/etc/mysql/server-cert.pem ssl-key=/etc/mysql/server-key.pem ssl-cipher=ALL log log-error ----8<---- cut here ----8<---- Can anyone help? - Julian -- Julian C. Dunn Systems Administrator e: [EMAIL PROTECTED] p: 416-363-6316 x292 f: 416-363-6102 Devlin eBusiness Architects 185 Frederick St. Toronto, ON M5A 4L4 http://www.devlin.ca/ -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]