Hello,
Hours of fruitless efforts with OpenSSL and MySQL have led me to believe that MySQL's native support for SSL is broken, at least where self-signed certs are concerned - can anyone confirm/deny this/have any recent experience? The best I seem to get is error 2025 "protocol verison mismatch".
So I've moved-on to trying to achieve the same thing (remote replication) using stunnel. It works perfectly between two Ubuntu servers, but I have a CentOS 6.2 master running cPanel+WHM - this is the result of trying to connect where client:3307 --> master:9876 --> master:3306 (MySQL)
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104
MySQL is alive and well on the CentOS master, there is virtually nothing in /etc/my.cnf except for the innodb files per table thing - I've encountered this error before while testing on local VM's and cured it by pointing the master's bind address to 127.0.0.1 rather than its public facing IP. I don't know where to find the bind address where cPanel is concerned and, in any case, I presume that it isn't configurable on a per-user basis, so that there might be some unintended consequences for hosted sites relying on it.
Any thoughts/tips/links/advice much appreciated.
Gareth
Hours of fruitless efforts with OpenSSL and MySQL have led me to believe that MySQL's native support for SSL is broken, at least where self-signed certs are concerned - can anyone confirm/deny this/have any recent experience? The best I seem to get is error 2025 "protocol verison mismatch".
So I've moved-on to trying to achieve the same thing (remote replication) using stunnel. It works perfectly between two Ubuntu servers, but I have a CentOS 6.2 master running cPanel+WHM - this is the result of trying to connect where client:3307 --> master:9876 --> master:3306 (MySQL)
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104
MySQL is alive and well on the CentOS master, there is virtually nothing in /etc/my.cnf except for the innodb files per table thing - I've encountered this error before while testing on local VM's and cured it by pointing the master's bind address to 127.0.0.1 rather than its public facing IP. I don't know where to find the bind address where cPanel is concerned and, in any case, I presume that it isn't configurable on a per-user basis, so that there might be some unintended consequences for hosted sites relying on it.
Any thoughts/tips/links/advice much appreciated.
Gareth
