MySQL SSL replication and stunnel


Aug 28, 2012
cPanel Access Level
Root Administrator

Hours of fruitless efforts with OpenSSL and MySQL have led me to believe that MySQL's native support for SSL is broken, at least where self-signed certs are concerned - can anyone confirm/deny this/have any recent experience? The best I seem to get is error 2025 "protocol verison mismatch".

So I've moved-on to trying to achieve the same thing (remote replication) using stunnel. It works perfectly between two Ubuntu servers, but I have a CentOS 6.2 master running cPanel+WHM - this is the result of trying to connect where client:3307 --> master:9876 --> master:3306 (MySQL)

ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104

MySQL is alive and well on the CentOS master, there is virtually nothing in /etc/my.cnf except for the innodb files per table thing - I've encountered this error before while testing on local VM's and cured it by pointing the master's bind address to rather than its public facing IP. I don't know where to find the bind address where cPanel is concerned and, in any case, I presume that it isn't configurable on a per-user basis, so that there might be some unintended consequences for hosted sites relying on it.

Any thoughts/tips/links/advice much appreciated.