[debian-mysql] Bug#927289: mariadb-server-10.3: SSL error: Unable to get private key
Olaf van der Spek
olafvdspek at gmail.com
Wed Apr 17 13:53:52 BST 2019
Package: mariadb-server-10.3
Version: 1:10.3.13-2
Severity: normal
Dear Maintainer,
I followed https://www.cyberciti.biz/faq/how-to-setup-mariadb-ssl-and-secure-connections-from-clients/ but something went wrong:
2019-04-17 12:24:55 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
SSL error: Unable to get private key from '/etc/mysql/ssl/server-key.pem'
2019-04-17 12:24:55 0 [Warning] Failed to setup SSL
2019-04-17 12:24:55 0 [Warning] SSL error: Unable to get private key
What went wrong?
# cat /etc/mysql/ssl/server-key.pem
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
Is a better guide available?
Could this be automated?
Greetings,
Olaf
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages mariadb-server-10.3 depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii galera-3 25.3.25-2
ii gawk 1:4.2.1+dfsg-1
ii iproute2 4.20.0-2
ii libc6 2.28-8
ii libdbi-perl 1.642-1+b1
ii libgnutls30 3.6.6-2
ii libpam0g 1.3.1-5
ii libstdc++6 8.3.0-6
ii lsb-base 10.2019031300
ii lsof 4.91+dfsg-1
ii mariadb-client-10.3 1:10.3.13-2
ii mariadb-common 1:10.3.13-2
ii mariadb-server-core-10.3 1:10.3.13-2
ii passwd 1:4.5-1.1
ii perl 5.28.1-6
ii psmisc 23.2-1
ii rsync 3.1.3-6
ii socat 1.7.3.2-2
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages mariadb-server-10.3 recommends:
ii libhtml-template-perl 2.97-1
Versions of packages mariadb-server-10.3 suggests:
ii mailutils [mailx] 1:3.5-3
pn mariadb-test <none>
pn netcat-openbsd <none>
pn tinyca <none>
-- Configuration Files:
/etc/mysql/mariadb.conf.d/50-server.cnf changed:
[server]
[mysqld]
user = mysql
pid-file = /run/mysqld/mysqld.pid
socket = /run/mysqld/mysqld.sock
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
query_cache_size = 16M
log_error = /var/log/mysql/error.log
expire_logs_days = 10
ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cert=/etc/mysql/ssl/server-cert.pem
ssl-key=/etc/mysql/ssl/server-key.pem
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
-- debconf information:
mariadb-server-10.3/nis_warning:
mariadb-server-10.3/postrm_remove_databases: false
mariadb-server-10.3/old_data_directory_saved:
More information about the pkg-mysql-maint
mailing list