Issues with get SSL replication going (I.e. Encrypting Replication Traffic as well as Encrypting SST Traffic)
瀏覽次數:65 次
跳到第一則未讀訊息
brentgc...@gmail.com
2017年8月30日 晚上11:20:192017/8/30
收件者:codership
Good day Guys Im trying to get SSL replication going (I.e. Encrypting Replication Traffic as well as Encrypting SST Traffic). For the likes of me I just cant get it working. If I set the variable, encrypt = 0 (i.e. encryption off) replication works. Please can I ask if someone could please review my logs / setup are see where my issue lays. Here is my configuration setup https://pastebin.com/9JDP4LCr This is the /var/log/mysql/error.log of First node (i.e. Donor) https://pastebin.com/MrWDcECA This is the /var/log/mysql/error.log of 2nd node (i.e. joiner) https://pastebin.com/wZiNDP4P If anyone can assist, it would most appreciated. Kind Regards Brent Clark
Aaron Morand
2017年8月31日 上午9:52:212017/8/31
收件者:brentgc...@gmail.com、codership
Have you used those SSL certificates successfully anywhere else?
Both your error logs have thissocat[13362] E SSL_CTX_use_PrivateKey_file(): error:0906D06C:PEM routines:PEM_read_bio:no start line
So make sure your certificate files ( ca-cert.pem and server-cert.pem ) have
-----BEGIN CERTIFICATE-----
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----
-----END CERTIFICATE-----
lines.
That your key file ( server-key.pem ) has the lines
-----BEGIN RSA PRIVATE KEY-----
and
-----END RSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
and
-----END RSA PRIVATE KEY-----
If you copied their contents on Windows system, then you need to verify that they didn't get a carriage return on the end of any line in the files.
Hope this helps.
Cheers,
Aaron
--
You received this message because you are subscribed to the Google Groups "codership" group.
To unsubscribe from this group and stop receiving emails from it, send an email to codership-team+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
回覆所有人
回覆作者
轉寄
0 則新訊息