Hello I work on fedora 13 with openssl 1.0.0.c and mysql server 5.1. I have a strange situation. When I create certyificat on server and setup mysql to use this certyficat, client mysql on this host connect with ssl encription correctly. From other many Fedora 13 also correctly but from Debian and windows xp Mysql return error 2026. If certificates are generated on Debian with openssl 0.98 and here is mysql server with ssl, Windows xp and other host communicate properly certified with mysql on debian. Where is problem. Below ssldump of server:
1 1 0.0035 (0.0035) C>S V3.1(89) Handshake ClientHello Version 3.1 random[32]= 91 6d 3f d5 f3 aa 9f 91 33 ec 85 93 4c 38 ad b6 33 f6 d2 ca a4 41 2c 84 1d 32 60 e3 52 f5 b2 35 cipher suites TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA Unknown value 0x7e Unknown value 0x7d Unknown value 0x7c Unknown value 0x79 Unknown value 0x78 Unknown value 0x77 Unknown value 0x74 Unknown value 0x73 Unknown value 0x72 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA compression methods NULL 1 2 0.0149 (0.0114) S>C V3.1(74) Handshake ServerHello Version 3.1 random[32]= 4d 19 99 52 94 62 af e6 e9 53 0d be da 3f 90 ce 2d bd e5 2b 8e d0 1f b4 0e 42 5a 7e d1 81 58 d2 session_id[32]= b6 1c b9 f0 0c 41 5a be a2 30 b2 a2 2b 46 53 a0 8e cf bf 67 1c e6 65 08 cb ae bf b8 8f c3 d2 1a cipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA compressionMethod NULL 1 3 0.0150 (0.0001) S>C V3.1(1797) Handshake Certificate 1 4 0.0150 (0.0000) S>C V3.1(397) Handshake ServerKeyExchange params DH_p[64]= da 58 3c 16 d9 85 22 89 d0 e4 af 75 6f 4c ca 92 dd 4b e5 33 b8 04 fb 0f ed 94 ef 9c 8a 44 03 ed 57 46 50 d3 69 99 db 29 d7 76 27 6b a2 d3 d4 12 e2 18 f4 dd 1e 08 4c f6 d8 00 3e 7c 47 74 e8 33 DH_g[1]= 02 DH_Ys[64]= 4a 75 85 11 31 eb af 04 2e 71 e1 bd 5a 61 78 8a 9c 17 d7 df 3b 95 95 da e2 b4 fa 55 76 b0 01 0f b5 a3 36 3f f3 65 fb 47 8f 01 98 e3 52 88 12 95 f8 96 ee 7b 85 7f 6b 51 8a be 9c 5c 03 38 ba 24 signature[256]= b1 77 06 2f 0d 2b 12 26 a4 a8 32 98 15 1e 41 1f 41 c7 9f 57 d9 39 2e 6b 44 3b 8b bd 5f 59 ab 30 e8 01 d6 67 f0 43 2f 90 d9 ca 62 b2 d4 60 fa 9f f6 02 8f 8e 33 b2 81 dd 92 16 88 e3 20 34 3b 02 d9 ae a5 be f9 52 48 b1 27 88 b0 a6 09 67 39 ec dc 9c c1 8a e4 13 94 ad d9 0b e5 c0 a9 ee 1f 5d 67 2a 98 b5 5d 34 f3 dc 8b f5 6b 2c a7 d7 ea 67 7f 2b 04 e5 5a 59 62 9d 82 49 8d e6 f4 d2 63 74 5a 4e 7d 3b ec 04 4a b5 cb b5 5a d4 9f 72 c5 a5 11 17 6e 75 a1 ec ce 90 3a 0c b6 87 9d 7c b2 57 7b b1 61 ba ba 69 13 bb 2d f7 82 45 6e 2b 38 d1 7a 9a 05 f8 90 ae 0c 10 a1 d8 12 88 d4 07 9e 23 c2 a1 a5 52 63 75 91 d9 e1 61 de 9f 4b a7 68 58 d6 e0 64 ee 62 c5 31 74 f8 19 a1 6c 3c 28 65 0d 1a a9 1c e6 7d c7 1a 43 df 8c 7f 76 a8 9f 2a 66 e5 9e 13 f9 53 fd 80 b8 44 3d 2c 29 a0 56 fe 91 1 5 0.0150 (0.0000) S>C V3.1(15) Handshake CertificateRequest certificate_types rsa_fixed_dh certificate_types dss_fixed_dh certificate_types rsa_sign certificate_types dss_sign ServerHelloDone 1 6 0.0188 (0.0037) C>S V3.1(70) Handshake ClientKeyExchange DiffieHellmanClientPublicValue[64]= 47 bd 6d 17 a7 24 e3 f2 de e3 b9 cc ac 0f 27 5a f2 47 9b a8 bc a7 c9 06 f0 24 01 9f c7 78 4c 0a 38 08 b1 90 de 2e ae fb c4 91 7b ab 5c a0 e6 7f fd 6c c5 4c 1a 36 5c 71 45 86 66 f4 c2 0e c8 4d 1 7 0.0188 (0.0000) C>S V3.1(1) ChangeCipherSpec 1 8 0.0188 (0.0000) C>S V3.1(48) Handshake 1 9 0.0189 (0.0001) S>C V3.1(2) Alert level fatal value unexpected_message 1 0.0192 (0.0002) S>C TCP FIN 1 0.0194 (0.0002) C>S TCP FIN Regards Artur Slowik ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org