There is no fundamental difference between a "public" and a "private"
CA. The only difference is in what root certificates (if any) are
trusted.
Since your report is "mysql-server does not take into account configured
ssl parameters" I see no reason why a simple reproduction of your case
with self
I meant let's encrypt as a public certificate ... authority.
Also, if it is of any help:
mysql> status
--
mysql Ver 8.0.21-0ubuntu4 for Linux on x86_64 ((Ubuntu))
Connection id: 31
Current database:
Current user: root@localhost
SSL:Not in
I appreciate the time you took to answer.
However, your example is a different use case: you're using a self-signed
certificate with a private CA.
My use case use a public CA (namely let's encrypt, but it could be anything
else).
In my setup, client and servers are on totally different machines.
Hello Jean,
Thank you for taking the time to file a bug report.
So, in a clean Focal installation, if I do:
"""
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/
[mysql]
ssl-ca=/etc/mysql/ssl/ca.pem
ssl-cert=/etc/mysql/ssl/client-cert.pem
ssl-key=/etc/mysql/ssl/client-key.pem
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1890611
Title:
mysql-server does not take into account configured ssl parameters
T