Comment 39 for bug 1169505

Elena Stepanova (elenst) wrote :

From my experiments, it's not about a difference between server and client certificates, but about a difference (or rather a lack of thereof) between CA cert and server cert, and between CA cert and client cert.
I recommend to those who experience the problem to run

openssl verify -CAfile <path to ca-cert.pem> <path to server cert> <path to client cert>

If you are getting "error 18 at 0 depth lookup:self signed certificate" for at least one cert, my further suggestions can be found at https://mariadb.atlassian.net/browse/MDEV-4709, specifically http://tinyurl.com/pwsp7sv.