I am using the [MySQL 5.7 SSL Setup Guide](https://dev.mysql.com/doc/refman/5.7/en/using-encrypted-connections.html) (combined with a few other guides on the website + Google searches).
I have a replica and source working; I am now trying to configure SSL.
My understanding is that MySQL generates the certs we need on startup, so I am attempting to use those. I also tried to use the certbot certs I have set up for my domains, but those failed (is it possible to use certbot/letsencrypt certs here?). I am just trying to get any SSL connection at this point.
I have my config files set up like so (I've tried a number of configs now):
```
# This is in the source
[mysqld]
ssl_ca=/var/lib/mysql/ca.pem
ssl_cert=/var/lib/mysql/server-cert.pem
ssl_key=/var/lib/mysql/server-key.pem
require_secure_transport=ON

# This is in the replica
[client]
ssl-ca=/var/lib/mysql/ca.pem
ssl-cert=/var/lib/mysql/client-cert.pem
ssl-key=/var/lib/mysql/client-key.pem
```
On the replica, if I do `mysql -u root -p`, I get this error: `ERROR 2026 (HY000): SSL connection error: SSL_CTX_set_default_verify_paths failed`
Looking through the logs on my replica I see that the connection to the source is failing with error code 3159.
Running `mysql > status;` on source, I see that SSL is not in use.
Asked by Bix
(113 rep)
Feb 26, 2021, 12:57 AM
Last activity: Apr 20, 2025, 12:04 PM