Re: [Shorewall-users] MySQL Replication with ssl connection and ports configuration

Tue, 22 Aug 2017 21:25:18 -0700 

Add this to the master my.cnf:
[mysqld]
# are permissions 644?
ssl-key         = /etc/pki/mysql/private/c3po.example.com.MariaDB.pem
ssl-cert        = /etc/pki/mysql/certs/c3po.example.com.MariaDB.crt
ssl-ca          = /etc/pki/mysql/certs/Customer_MariaDB.CA.crt

Enter this as a command on the slave:
CHANGE MASTER TO
  MASTER_HOST='c3po.example.com',
  MASTER_USER='yoda',
  MASTER_PASSWORD='password1234',
  MASTER_LOG_FILE='c3po-log-bin.000910',
  MASTER_LOG_POS=52911945,
  MASTER_SSL=1,
MASTER_SSL_CA='/etc/pki/mysql/certs/Customer_MariaDB.CA.crt',
MASTER_SSL_CERT='/etc/pki/mysql/certs/yoda.example.com.MariaDB.crt',
MASTER_SSL_KEY='/etc/pki/mysql/private/yoda.example.com.MariaDB.pem'
;
Of course change log_file, log_pos, password, etc.

Hope this gets you pointed in the right direction,
Bill



On 8/22/2017 12:21 PM, Davide Marchi wrote:

[..]


Hi Davide,

Diagnosing something like this typically requires the complete output of
'shorewall dump'.  However, based on the syslog messages it looks like
you simply need to add the 'routeback' option to the eth0 line in
/etc/shorewall/interfaces on both hosts.  If that does not resolve the
problem, please post the complete output of 'shorewall dump' so that we
can help you identify the cause.

Regards,

-Roberto


 Thanks Roberto for your (very very appreciate) help!
I've made as you suggest, but there seems to be other problems around this 
MySQL Replication.
I've open a specific post on MySQL forum (I need to clarify other points, in particular how connect mysql via ssl, and I would not want to weigh the mailing list with arguments that are not inherent to shorewall) and then come back here with a detailed report ;-) 

See you soon


Davide



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to