Percona Server moved to https://jira.percona.com/projects/PS

SSL MTR tests broken on CentOS 7

Bug #1341131 reported by Laurynas Biveinis on 2014-07-12

This bug affects 1 person

	Status	Importance	Assigned to
MySQL Server	Unknown	Unknown	mysql-bugs #73280
Percona Server moved to https://jira.percona.com/projects/PS	Triaged	High	Unassigned
5.1	Invalid	Undecided	Unassigned
5.5	Won't Fix	High	Unassigned
5.6	Won't Fix	High	Unassigned
5.7	Won't Fix	High	Unassigned

Bug Description

main.ssl [ fail ]
Test ended at 2014-07-12 17:31:25

CURRENT_TEST: main.ssl
mysqltest: At line 9: query 'connect ssl_con,localhost,root,,,,,SSL' failed: 2026: SSL connection error: error:00000001:lib(0):func(0):reason(1)

Affected tests:

rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_heartbeat_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_heartbeat_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_heartbeat_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl 'stmt'
rpl.rpl_ssl1 'row'
rpl.rpl_ssl1 'mix'
rpl.rpl_ssl1 'stmt'
rpl.rpl_ssl1 'row'
main.ssl_8k_key
main.ssl_8k_key
main.ssl_cipher
main.ssl_cipher
rpl.rpl_ssl1 'stmt'
main.ssl
main.ssl
main.ssl_compress
main.ssl_compress
main.ssl_connect
main.ssl_connect
main.percona_mysqlbinlog_ssl_compress
main.percona_mysqlbinlog_ssl_compress
main.openssl_1
main.openssl_1
main.percona_ssl_connections_count
main.percona_ssl_connections_count

Tags:

Laurynas Biveinis (laurynas-biveinis) on 2014-07-12

tags:

added: ci ssl

Revision history for this message

Laurynas Biveinis (laurynas-biveinis) wrote on 2014-07-12:

SSL error on the server side is
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error

on the client side
error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm
followed by
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Laurynas Biveinis (laurynas-biveinis) on 2014-07-13

tags:

added: upstream

Revision history for this message

Laurynas Biveinis (laurynas-biveinis) wrote on 2014-07-13:

An upstream bug, and it seems proper fix will require testsuite certificate regeneration, which is best left for upstream to fix IMHO.

A workaround is available of setting environment variable OPENSSL_ENABLE_MD5_VERIFY if needed.

Revision history for this message

Laurynas Biveinis (laurynas-biveinis) wrote on 2014-07-13:

openssl_1 test still failing with a workaround because it's testing a removed cipher, reported as http://bugs.mysql.com/bug.php?id=73281. Not worth fixing by us until the current bug is fixed.

Revision history for this message

Shahriyar Rzayev (rzayev-sehriyar) wrote on 2018-01-25:

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-801

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.