it wasn't OpenSSL that was used to generate them back when and since it works with TLSv1 but not TLSv1.1 that kind of thing cannot be the problem. This is definitely NOT a problem with OpenSSL 0.9.x v OpenSSL 1.0.x generating the certs (e.g., PKCS#1 v. CentOS 6 OpenSSL on this server doesn't support TLSv1.2 I'll be updating it to get that support or moving it to a CentOS 7 system. When I switch it back to TLSv1.0 or remove the "tls_version" setting, everything works. On my Mac, Workbench shows "SSL connection error: protocol version mismatch").
#INSTALL SSL MYSQL ON MAC MAC#
When the "tls_version" variable in the sections of the my.cnf file is set to TLSv1.1, the MySQL Workbench on Mac cannot connect (Windows still works fine).
#INSTALL SSL MYSQL ON MAC WINDOWS#
= When the "tls_versoin" variable in the section of the my.cnf file is set to TLSv1, the MySQL Workbench on both Mac and Windows connects without issue. When the "tls_version" variable in the section of the my.cnf file is not set, the MySQL Workbench on both Mac and Windows connects without issue. Using wildcard SSL certificate (for *.), which is signed by Symantec Class 3 G4 Intermediate CA for the MySQL server. OpenSSL version reports "OpenSSL 1.0.1e-fips " MySQL Community Edition 5.7.11 from yum repos on CentOS 6. Using MySQL Workbench v6.3.7 build 1199 on Windows 7. OpenSSL version reports "OpenSSL 0.9.8zh " (Check for Updates says this is the most up-to-date version). Using MySQL Workbench v6.3.6 build 511 CE (64bit) on my Mac (macOS 10.12).
This is the first server for this configuration. We want to only allow TLSv1.2 (and newer, whenever TLSv1.3 is available) for SSL connections to our MySQL servers.
0 kommentar(er)
