Okay then in your mysql conf file under the client directive did you add the certs ?
[client] ssl-ca = path to cert ssl-cert = path to cert ssl-key = path to cert On Mon, Aug 3, 2015 at 10:43 AM, Ajeesh Kannan <[email protected]> wrote: > On Mon, Aug 3, 2015 at 5:08 PM, Balasubramaniam Natarajan < > [email protected]> wrote: > > > If I understand correctly you are trying to do replication over two > service > > providers of AWS and Rackspace. If that is the case you need to use the > > Fully qualified domain name for setting your masterserver rather than " > > masterserver". More over the replication user should have access to > coming > > from that IP address. > > > > On Mon, Aug 3, 2015 at 3:36 AM, Ajeesh Kannan <[email protected]> > > wrote: > > > > > Hi, > > > > > > I am getting the following error while connecting mysql replication > over > > > ssl connection. > > > > > > [root@slave server ]# mysql -u replicationuser -p -hmasterserver > > > --ssl-ca /etc/ssl/certs/mysql/ca-cert.pem --ssl-cert > > > /etc/ssl/certs/mysql/slave-public.pem --ssl-key > > > /etc/ssl/certs/mysql/slave-private.pem > > > > > > *ERROR 2026 (HY000): SSL connection error* > > > > > > > > > mysql slave server is located on : *aws* [ ec2 instance ] > > > mysql master server is located on : *RackSpace* [ cloud server ] > > > > > > on rackspace :- any traffic is allowed from that machine to host > > > > > > on master > > > mysql> show variables like '%ssl%'; > > > +---------------+----------------------------+ > > > | Variable_name | Value | > > > +---------------+----------------------------+ > > > | have_openssl | YES | > > > | have_ssl | YES | > > > | ssl_ca | /etc/mysql/ca-cert.pem | > > > | ssl_capath | | > > > | ssl_cert | /etc/mysql/server-cert.pem | > > > | ssl_cipher | | > > > | ssl_key | /etc/mysql/server-key.pem | > > > +---------------+----------------------------+ > > > > > > > > > Using the same ssl key I can connect replication with in aws/rack space > > > servers. > > > > > > > That is for better understanding i have added those names. > _______________________________________________ > ILUGC Mailing List: > http://www.ae.iitm.ac.in/mailman/listinfo/ilugc > ILUGC Mailing List Guidelines: > http://ilugc.in/mailinglist-guidelines > -- Regards, Balasubramaniam Natarajan http://blog.etutorshop.com _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc ILUGC Mailing List Guidelines: http://ilugc.in/mailinglist-guidelines
