Dear All, I'm trying to get SSL connections for all mysql slave and masters.
I have one box that will not use SSL for some reason. When I start this slave it can not connect because it's not using SSL. show slave status\G *************************** 1. row *************************** Slave_IO_State: Connecting to master Master_Host: myhost Master_User: rep_user Master_Port: 3306 Connect_Retry: 60 Master_Log_File: mysql-bin.000095 Read_Master_Log_Pos: 1095 Relay_Log_File: slave-relay.000004 Relay_Log_Pos: 98 Relay_Master_Log_File: mysql-bin.000095 Slave_IO_Running: No Slave_SQL_Running: Yes Replicate_Do_DB: crm Replicate_Ignore_DB: Replicate_Do_Table: Replicate_Ignore_Table: Replicate_Wild_Do_Table: Replicate_Wild_Ignore_Table: Last_Errno: 0 Last_Error: Skip_Counter: 0 Exec_Master_Log_Pos: 1095 Relay_Log_Space: 98 Until_Condition: None Until_Log_File: Until_Log_Pos: 0 Master_SSL_Allowed: No <--- Master_SSL_CA_File: Master_SSL_CA_Path: Master_SSL_Cert: Master_SSL_Cipher: Master_SSL_Key: Seconds_Behind_Master: NULL Here is a portion of my.cnf. [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql # Default to using old password format for compatibility with mysql 3.x # clients (those using the mysqlclient10 compatibility package). old_passwords=1 max_connections=500 max_connect_errors = 0 # replication server-id = 1 replicate-same-server-id = 0 auto-increment-increment =3 auto-increment-offset =1 master-host = myHost master-user = rep_user master-password = rep_passwd master-connect-retry = 60 replicate-do-db = crm log-bin= /var/log/mysql/mysql-bin.log binlog-do-db = crm relay-log = /var/lib/mysql/slave-relay.log relay-log-index = /var/lib/mysql/slave-relay-log.index expire_logs_days = 10 max_binlog_size = 500M # end replication # SSL for replication ssl ssl-key=/etc/mysql/ssl/server-key.pem ssl-cert=/etc/mysql/ssl/server-cert.pem ssl-ca=/etc/mysql/ssl/ca-cert.pem ssl-capath=/etc/mysql/ssl/ ssl-cipher=DHE-RSA-AES256-SHA [client] ssl port = 3306 socket = /var/lib/mysql/mysql.sock ssl-ca=/etc/mysql/ssl/ca-cert.pem ssl-key=/etc/mysql/ssl/client-key.pem ssl-cert=/etc/mysql/ssl/client-cert.pem ssl-cipher=DHE-RSA-AES256-SHA Anyone see any issues with this? Thank you, Paul -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org