SSL MTR tests broken on CentOS 7

Bug #1341131 reported by Laurynas Biveinis
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MySQL Server
Unknown
Unknown
Percona Server moved to https://jira.percona.com/projects/PS
Triaged
High
Unassigned
5.1
Invalid
Undecided
Unassigned
5.5
Won't Fix
High
Unassigned
5.6
Won't Fix
High
Unassigned
5.7
Won't Fix
High
Unassigned

Bug Description

main.ssl [ fail ]
        Test ended at 2014-07-12 17:31:25

CURRENT_TEST: main.ssl
mysqltest: At line 9: query 'connect ssl_con,localhost,root,,,,,SSL' failed: 2026: SSL connection error: error:00000001:lib(0):func(0):reason(1)

Affected tests:

rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl1 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl1 'stmt'
rpl.rpl_ssl1 'row'
main.ssl_8k_key
main.ssl_8k_key
main.ssl_cipher
main.ssl_cipher
rpl.rpl_ssl1 'stmt'
main.ssl
main.ssl
main.ssl_compress
main.ssl_compress
main.ssl_connect
main.ssl_connect
main.percona_mysqlbinlog_ssl_compress
main.percona_mysqlbinlog_ssl_compress
main.openssl_1
main.openssl_1
main.percona_ssl_connections_count
main.percona_ssl_connections_count

Tags: ci ssl upstream
tags: added: ci ssl
Revision history for this message
Laurynas Biveinis (laurynas-biveinis) wrote :

SSL error on the server side is
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error

on the client side
error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm
followed by
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

tags: added: upstream
Revision history for this message
Laurynas Biveinis (laurynas-biveinis) wrote :

An upstream bug, and it seems proper fix will require testsuite certificate regeneration, which is best left for upstream to fix IMHO.

A workaround is available of setting environment variable OPENSSL_ENABLE_MD5_VERIFY if needed.

Revision history for this message
Laurynas Biveinis (laurynas-biveinis) wrote :

openssl_1 test still failing with a workaround because it's testing a removed cipher, reported as http://bugs.mysql.com/bug.php?id=73281. Not worth fixing by us until the current bug is fixed.

Revision history for this message
Shahriyar Rzayev (rzayev-sehriyar) wrote :

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-801

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.