This is a read-only copy of the MariaDB Knowledgebase generated on 2024-11-15. For the latest, interactive version please visit https://mariadb.com/kb/.

SSL configuration issue

MariaDB SSL Configuration Issue

I tried to set up a self-signed SSL for my MariaDB server on Ubuntu 24.04, but the SSL remains disabled even though I set the path.

Here's what I have done so far:

1. Checked the permissions of the SSL certificate files:

evan@server:~$ ls -l /etc/mysql/ssl/ca-cert.pem
-rw------- 1 mysql mysql 1245 Jun  5 00:57 /etc/mysql/ssl/ca-cert.pem

evan@server:~$ ls -l /etc/mysql/ssl/server-cert.pem
-rw------- 1 mysql mysql 1099 Jun  5 00:58 /etc/mysql/ssl/server-cert.pem

evan@server:~$ ls -l /etc/mysql/ssl/server-key.pem
-rw------- 1 mysql mysql 1704 Jun  5 00:58 /etc/mysql/ssl/server-key.pem

2. Verified the MariaDB server version:

Server version: 10.11.7-MariaDB-2ubuntu2 Ubuntu 24.04

3. Checked the SSL variables in MariaDB:

MariaDB [(none)]> SHOW VARIABLES LIKE '%ssl%';
+---------------------+----------------------------+
| Variable_name       | Value                      |
+---------------------+----------------------------+
| have_openssl        | YES                        |
| have_ssl            | DISABLED                   |
| ssl_ca              |                            |
| ssl_capath          |                            |
| ssl_cert            |                            |
| ssl_cipher          |                            |
| ssl_crl             |                            |
| ssl_crlpath         |                            |
| ssl_key             |                            |
| version_ssl_library | OpenSSL 3.0.13 30 Jan 2024 |
+---------------------+----------------------------+

4. My configuration settings in /etc/mysql/my.cnf:

ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cert=/etc/mysql/ssl/server-cert.pem
ssl-key=/etc/mysql/ssl/server-key.pem
require-secure-transport = off

Question

Why is the SSL staying disabled even though I have set the path to the certificate files? What steps do I need to follow to enable SSL for my MariaDB server?

Debugging Steps

Please provide any necessary debugging steps or configuration changes to resolve this issue.

Thank you!

Answer Answered by Daniel Black in this comment.

What does the MariaDB server log show on startup?

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.