Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Cant get Frontend SSL working
16 views
Skip to first unread message
Frankenstein
Aug 12, 2024, 7:12:10 AM8/12/24
to proxysql
Hey everyone,
When i do the connection with ssl_mode=required, i can connect.
My guess is that I get the error message because the certificate in /var/lib/proxysql was not created with the same ca.pem as my client-cert and the server-certs from the pxc nodes.
So I created a server cert with the same ca.pem as the pxc nodes have for server and client certs and put it in its place and then loaded it using proxysql reload tls. Unfortunately this did not change anything.
Can someone help me to get some more clarity?
Best regards
in the past week i have setup a pxc write set cluster with caching_sha2_password so we need to force SSL. I already configured the ca/cert/key for backend ssl and its working.
I have some issues with the frontend ssl as described here:
The certificate gets generated, the testuser has use_ssl active. When trying to connect from a client to the proxysql server, i get the error:
ERROR 2026 (HY000): SSL connection error: error:0A000086:SSL routines::certificate verify failed
My guess is that I get the error message because the certificate in /var/lib/proxysql was not created with the same ca.pem as my client-cert and the server-certs from the pxc nodes.
So I created a server cert with the same ca.pem as the pxc nodes have for server and client certs and put it in its place and then loaded it using proxysql reload tls. Unfortunately this did not change anything.
Can someone help me to get some more clarity?
Best regards
Reply all
Reply to author
Forward
0 new messages