FYI I got is working in the end on Solaris, I had to rebuild it
patched configure so it picked OpenSSL up from /usr/sfw configured with --with-openssl
secure connections then worked okay
thanks again paul
Paul Cunningham (At Home) wrote:
Gareth,
Thanks
It looks as though my build is not picking up the OpenSSL stuff so HAVE_OPENSSL is not getting defined :-(
can't see why at the moment though as OpenSSL is installed in "--with-openssl=/usr/sfw"
Paul
Gareth Davis wrote:
I've just done a similar thing. Are you sure that you are running the mysql client that you have just compiled.
I used the following build options CFLAGS="-O3" CXX=gcc CXXFLAGS="-O3 -felide-constructors -fno-exceptions \ -fno-rtti" ./configure \ --enable-assembler \ --enable-local-infile \ --with-mysqld-user=mysql \ --with-unix-socket-path=/var/lib/mysql/mysql.sock \ --prefix=/ \ --with-extra-charsets=complex \ --exec-prefix=/usr \ --libexecdir=/usr/sbin \ --sysconfdir=/etc \ --datadir=/usr/share \ --localstatedir=/var/lib/mysql \ --infodir=/usr/share \ --includedir=/usr/include \ --mandir=/usr \ --with-embedded-server \ --enable-thread-safe-client \ --with-vio \ --with-openssl ; I nicked this out of the RPM build spec and added the last two options.
Gareth. On Tue, 2003-06-03 at 16:04, Paul Cunningham wrote:
Hi,
Please can someone help with advise on setting up a Secure MySQL Connection. The details are as follows.
I have built and configured OpenSSL 0.9.7 and MySQL 4.0.12. MySQL was configured with the options .... ./configure \ --enable-local-infile \ --with-vio --with-openssl=/usr/sfw \ --enable-thread-safe-client --with-pthread \ --sysconfdir=/etc/sfw/mysql \ --prefix=/usr/sfw/mysql
I have set up the certificates as described in http://www.mysql.com/doc/en/Secure_Create_Certs.html
and ran the mysql daemon as follows .....
CONFF=/export/openssl/my.cnf /usr/sfw/mysql/bin/mysqld_safe --defaults-file=${CONFF} --user=mysql &
the contents of /export/openssl/my.cnf being ...
[client] ssl-ca=/export/openssl/cacert.pem ssl-cert=/export/openssl/client-cert.pem ssl-key=/export/openssl/client-key.pem [mysqld] master-ssl-ca=/export/openssl/cacert.pem master-ssl-cert=/export/openssl/server-cert.pem master-ssl-key=/export/openssl/server-key.pem
mysqld started okay after changing the [mysqld] entries and added the 'master-' bits.
I then tried to run the 'mysql' client as follows ...
/usr/sfw/mysql/bin/mysql --defaults-file=/export/openssl/my.cnf
but this fails with the following ....
/usr/sfw/mysql/bin/mysql: ERROR: unknown variable 'ssl-ca=/export/openssl/cacert.pem'
The clients does not seem to like these options either in the my.cnf file or if put on the mysql command-line.
Has anyone got any ideas where I am going wrong?
Thanks Paul
-- Gareth Davis <[EMAIL PROTECTED]> Logical Practice Systems Limited
-- __________________________________________________________________________ Paul Cunningham Email: [EMAIL PROTECTED] Software Engineer Work: (+44) (0)1923 696888 Sun Microsystems Fax: (+44) (0)1923 696801 54 Clarendon Road, Watford, Herts, WD17 1DU, UK
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]