Public bug reported: The --ssl-capath option to mysql no longer works. The problem seems to exist whether the option is passed as a command line flag or the equivalent option is set in a file (e.g. .my.cnf). If I use the --ssl- ca option to explicitly set a CA file, I don't have any problems.
$ mysql -h localhost --ssl-capath=/etc/ssl/certs/ ERROR 2026 (HY000): SSL connection error: Failed to set ciphers to use $ mysql -h localhost --ssl-capath=/etc/ssl/certs ERROR 2026 (HY000): SSL connection error: Failed to set ciphers to use $ mysql -h localhost --ssl-ca=/etc/ssl/certs/Equifax_Secure_CA.pem Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 44 Server version: 5.5.28-0ubuntu0.12.04.2 (Ubuntu) Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> \s -------------- mysql Ver 14.14 Distrib 5.5.28, for debian-linux-gnu (x86_64) using readline 6.2 Connection id: 44 Current database: Current user: taft@localhost SSL: Cipher in use is DHE-RSA-AES256-SHA Current pager: less Using outfile: '' Using delimiter: ; Server version: 5.5.28-0ubuntu0.12.04.2 (Ubuntu) Protocol version: 10 Connection: Localhost via UNIX socket Server characterset: latin1 Db characterset: latin1 Client characterset: latin1 Conn. characterset: latin1 UNIX socket: /var/run/mysqld/mysqld.sock Uptime: 37 min 5 sec Threads: 1 Questions: 119 Slow queries: 0 Opens: 171 Flush tables: 1 Open tables: 41 Queries per second avg: 0.053 -------------- mysql> show variables like "%ssl%"; +---------------+--------------------------------------+ | Variable_name | Value | +---------------+--------------------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /etc/ssl/certs/Equifax_Secure_CA.pem | | ssl_capath | | | ssl_cert | /etc/ssl/certs/csbio.unc.edu.crt | | ssl_cipher | | | ssl_key | /etc/ssl/private/csbio.unc.edu.key | +---------------+--------------------------------------+ ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: mysql-client-core-5.5 5.5.28-0ubuntu0.12.04.2 ProcVersionSignature: Ubuntu 3.2.0-32.51-generic 3.2.30 Uname: Linux 3.2.0-32-generic x86_64 NonfreeKernelModules: openafs fglrx ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Thu Nov 8 15:25:43 2012 Logs.var.log.daemon.log: Logs.var.log.kern.log: MySQLConf.etc.mysql.conf.d.mysqld.safe.syslog.cnf: [mysqld_safe] syslog MySQLVarLibDirListing: False ProcEnviron: LANGUAGE=en_US: TERM=xterm-256color PATH=(custom, user) LANG=en_US SHELL=/bin/bash SourcePackage: mysql-5.5 UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.apparmor.d.usr.sbin.mysqld: [modified] modified.conffile..etc.logrotate.d.mysql.server: [modified] mtime.conffile..etc.apparmor.d.usr.sbin.mysqld: 2012-11-08T11:15:12.470326 mtime.conffile..etc.logrotate.d.mysql.server: 2012-07-30T18:26:03 ** Affects: mysql-5.5 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug precise -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1076656 Title: mysql --ssl-capath option doesn't work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1076656/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs