error 18 at 0 depth lookup: self signed certificate

-
I was trying to test SSL connection between MySQL client and server. For that I created SSL certificate and keys by following the MySQL documentation at:

Creating SSL Certificates and Keys Using openssl

After finishing up all the commands when I verify the certificates by using:

openssl verify -CAfile ca.pem server-cert.pem client-cert.pem

I got the following output:

error 18 at 0 depth lookup: self signed certificate
error server-cert.pem: verification failed
client-cert.pem: OK 

 Reason: The Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.

Solution: When OpenSSL prompts you for the Common Name for each certificate, use different names.

Common Name (e.g. server FQDN or YOUR name) []:

I used values as follows:
  • CA Cert:  ssl-ca-cert
  • Server Cert: ssl-ca-server-cert
  • Client Cert:  ssl-ca-client-cert
and voila!!! I got success when I verify the certificates this time.

openssl verify -CAfile ca.pem server-cert.pem client-cert.pem

 server-cert.pem: OK
client-cert.pem: OK 

Comments

  1. UnknownSeptember 25, 2020 at 8:59 PM

    Hi,
    what it will be for a cluster of multiple nodes?
    which key will be shared among the clsuter?
    thanks,
    Hank

    ReplyDelete

Post a Comment

Back To Top

Popular posts from this blog

mysql query stuck in statistics state

-
I was working on a customer case where I ran into an interesting problem - Query joining about 23 tables got stuck in statistics stage. The customer need to generate a report in pipe separated values format from their database. Since the database is hosted as AWS MySQL RDS, using SELECT ... INTO OUTFILE was not an option. Therefore I decided to dump the data by using mysql command line tool along with sed command to convert tab delimited to pipe delimited column values. mysql -e "select te.EId AS \"EID\", tea.AId AS \"AID\", tea.ActivationState AS \"Status\", tp.PRDName AS \"Product\", tea.FamilyId AS \"Product Family\", tp.Ver AS \"Product Version\", tc.CSTMRName AS \"Customer Name\", tc.CSTMRIdentifier AS \"Customer ID\", tea.ActivationDateTime AS \"Activation Date\", tea.quantity AS \"Activated Quantity\", caswuid.AttrValue AS \"SWUID\", cadm.AttrValue AS \"D...
Read more

How to check fragmentation in MySQL tables

-
MySQL tables, including MyISAM and InnoDB, two of the most common types, experience fragmentation as data is inserted, updated and deleted randomly. Fragmentation can leave large holes in your table, blocks which must be read when scanning the table. Optimizing your table can therefore make full table scans and range scans more efficient. We will mention how to check fragmentation in MySQL tables using SQL queries. USE < put_your_dbname_here > SELECT TABLE_NAME, CONCAT(ROUND(( data_length + index_length ) / ( 1024 * 1024 ), 2), 'M') TOTAL_SIZE, CONCAT(ROUND(( DATA_FREE ) / ( 1024 * 1024 ), 2), 'M') DATA_FREE FROM information_schema.TABLES where table_schema = database() and ROUND(( DATA_FREE ) / ( 1024 * 1024 ), 2) > 0.00 ORDER BY DATA_FREE DESC; SELECT TABLE_NAME, ROUND(((Data_length - (TABLE_ROWS * Avg_row_length))/Data_length) * 100, 2) FRAG_Percent FROM information_schema.TABLES where table_schema = database() and TABLE_ROWS > 0 ...
Read more