Percona XtraBackup moved to https://jira.percona.com/projects/PXB

xtrabackup uses SSL even though ssl=false is set in my.cnf

Bug #1646480 reported by Stefan Andres on 2016-12-01

This bug report is a duplicate of: Bug #1551706: xtrabackup uses a default user even if different user is defined in users config file. Edit Remove

This bug affects 1 person

	Status	Importance	Assigned to
Percona XtraBackup moved to https://jira.percona.com/projects/PXB	Status tracked in 2.4
2.3	New	Undecided	Unassigned
2.4	New	Undecided	Unassigned

Bug Description

On our =>percona-server-5.6 we have the following in /etc/mysql/my.cnf

ssl = false
ssl-ca = /etc/mysql/cacert.pem
ssl-cert = /etc/mysql/server-cert.pem
ssl-key = /etc/mysql/server-key.pem

Also see:
root@dbs:/# xtrabackup --help|grep ssl|grep -v -- --
xtrabackup version 2.4.5 based on MySQL server 5.7.13 Linux (x86_64) (revision id: e41c0be)
ssl FALSE
ssl-verify-server-cert FALSE
ssl-ca /etc/mysql/cacert.pem
ssl-capath (No default value)
ssl-cert /etc/mysql/server-cert.pem
ssl-cipher (No default value)
ssl-key /etc/mysql/server-key.pem
ssl-crl (No default value)
ssl-crlpath (No default value)

Since xtrabackup-2.4.5 it will use ssl even though ssl it set to false (it probably only checks for ssl-cert/ssl-key/ssl-ca).

root@dbs:/# xtrabackup --backup
WARNING: --ssl is deprecated and will be removed in a future version. Use --ssl-mode instead.
Unrecognized character \x01; marked by <-- HERE after <-- HERE near column 1 at - line 1374.
161201 13:44:16 Connecting to MySQL server host: localhost, user: root, password: set, port: 3306, socket: /var/run/mysqld/mysqld.sock
Failed to connect to MySQL server: SSL connection error: SSL is required but the server doesn't support it.
root@dbs:/#

Only xtrabackup --backup --skip-ssl works (which only exists for 2.4.5, so it's difficult to automate for older versions).