SSL problem.
I now have problems with SSL and mysql.
I can connect from sol to cumulus with ssl:
erl@sol:~$ mysql -h 172.16.1.21 --ssl --ssl-ca=/tmp/ca-cert.pem -P 3306 -p
But I can't do the same thing from cirrus via port 3306 forwarded from sol to cumulus:
erl@cirrus:~$ mysql --ssl --ssl-ca=ca-cert.pem -h www.lewin.nu -p -P 3306
Enter password:
ERROR 2026 (HY000): SSL connection error
Does the problem have to do with port forwarding?
From symphony.stenius.org, I can:
[erl@symphony erl]$ mysql -h www.lewin.nu -p
Enter password:
ERROR 1251: Client does not support authentication protocol requested by server; consider upgrading MySQL client
Which indicates that the port forwarding works, but that symphony doesn't have an ssl enabled mysql client.
Doing the same thing on cirrus:
erl@cirrus:~$ mysql -h www.lewin.nu -p
Enter password:
ERROR 1045 (28000): Access denied for user 'erl'@'1-1-6-5a.o.sth.bostream.se' (using password: YES)
Looks like the port forwarding works to me. How to debug the ssl?
Found this on debugging ssl connections:
http://www.cyberciti.biz/tips/debugging-ssl-communications-from-unix-shell-prompt.html
So I try this:
erl@cirrus:~$ openssl s_client -ssl2 -connect sol.lewin.nu:3306
CONNECTED(00000003)
17539:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:
Sigh. Stuck here.