Here is my steps to reproduce the problem with MySQL SSL and Percona-Server-shared-compat.
[root@centos6 ~]# cat mysqli-ssl.php <?php $conn=mysqli_init(); mysqli_ssl_set($conn, '/etc/mysql-ssl/client-key.pem', '/etc/mysql-ssl/client-cert.pem', NULL, NULL, NULL); if (!mysqli_real_connect($conn, '192.168.56.101', 'percona_ssl', '12345')) { die(); } $res = mysqli_query($conn, 'SHOW STATUS like "Ssl_cipher"'); print_r(mysqli_fetch_row($res)); mysqli_close($conn); [root@centos6 ~]# php mysqli-ssl-test.php PHP Warning: mysqli_real_connect(): (28000/1045): Access denied for user 'percona_ssl'@'10.38.11.76' (using password: YES) in /home/percona/mysqli-ssl-test.php on line 7
[root@centos6 ~]# rpm -e Percona-Server-shared-compat-5.5.31-rel30.3.520.rhel6.x86_64 --nodeps [root@centos6 ~]# rpm -ivh compat-mysql51-5.1.54-1.el6.remi.x86_64.rpm warning: compat-mysql51-5.1.54-1.el6.remi.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 00f97f56: NOKEY Preparing... ########################################### [100%] 1:compat-mysql51 ########################################### [100%] [root@centos6 ~]# php mysqli-ssl-test.php Array ( [0] => Ssl_cipher [1] => DHE-RSA-AES256-SHA ) [root@centos6 ~]# openssl x509 -text -in /etc/mysql-ssl/client-cert.pem|grep CN Issuer: C=UA, ST=Lviv, L=Lviv, O=Percona, OU=Remote DBA, <email address hidden> Subject: C=UA, ST=Lviv, L=Lviv, O=Percona, OU=Remote DBA, <email address hidden>
The server and client certificates are generated with the different CNs. centos6.vm - server's cert CN, clone.vm - client's cert CN. Something wrong with Percona-Server-shared-compat's libmysqlclient.so.16. Hope this helps.
Here is my steps to reproduce the problem with MySQL SSL and Percona- Server- shared- compat.
[root@centos6 ~]# cat mysqli-ssl.php init(); ssl_set( $conn,
'/etc/ mysql-ssl/ client- key.pem' ,
'/etc/ mysql-ssl/ client- cert.pem' ,
NULL, NULL, NULL); real_connect( $conn, '192.168.56.101', 'percona_ssl', '12345')) mysqli_ fetch_row( $res)); close($ conn); real_connect( ): (28000/1045): Access denied for user 'percona_ ssl'@'10. 38.11.76' (using password: YES) in /home/percona/ mysqli- ssl-test. php on line 7
<?php
$conn=mysqli_
mysqli_
if (!mysqli_
{
die();
}
$res = mysqli_query($conn, 'SHOW STATUS like "Ssl_cipher"');
print_r(
mysqli_
[root@centos6 ~]# php mysqli-ssl-test.php
PHP Warning: mysqli_
[root@centos6 ~]# rpm -e Percona- Server- shared- compat- 5.5.31- rel30.3. 520.rhel6. x86_64 --nodeps mysql51- 5.1.54- 1.el6.remi. x86_64. rpm mysql51- 5.1.54- 1.el6.remi. x86_64. rpm: Header V3 DSA/SHA1 Signature, key ID 00f97f56: NOKEY ####### ####### ####### ####### ####### # [100%] ####### ####### ####### ####### ####### # [100%] ssl/client- cert.pem| grep CN
[root@centos6 ~]# rpm -ivh compat-
warning: compat-
Preparing... #######
1:compat-mysql51 #######
[root@centos6 ~]# php mysqli-ssl-test.php
Array
(
[0] => Ssl_cipher
[1] => DHE-RSA-AES256-SHA
)
[root@centos6 ~]# openssl x509 -text -in /etc/mysql-
Issuer: C=UA, ST=Lviv, L=Lviv, O=Percona, OU=Remote DBA, <email address hidden>
Subject: C=UA, ST=Lviv, L=Lviv, O=Percona, OU=Remote DBA, <email address hidden>
The server and client certificates are generated with the different CNs. centos6.vm - server's cert CN, clone.vm - client's cert CN. Server- shared- compat' s libmysqlclient. so.16.
Something wrong with Percona-
Hope this helps.