The sslverify=1 Option Fails For Self Signed Certificates (Doc ID 2188435.1)

Last updated on MARCH 08, 2017

Applies to:

MySQL Server - Version 5.7 and later
Information in this document applies to any platform.

Symptoms

On : 5.7 version, SSL

When attempting to use SSL connection, the following error occurs.

ERROR
-----------------------
SSL connection error: SSL certificate validation failure


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Create/use certificates that have a defined host in CN e.g. CN=server.domain.com
2. Change my.cnf to use certificates and restart
3. Attempt to connect using certificate validation (sslverify=1 for example)

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, users cannot use SSL to the full extent of security.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms