Configured MySQL for SSL , but SSL is still DISABLED..!

Solution 1:

See solution here: https://askubuntu.com/questions/194074/enabling-ssl-in-mysql

You need convert certificates to the old format:

openssl rsa -in client-key.pem -out client-key.pem
openssl rsa -in server-key.pem -out server-key.pem

Solution 2:

Try checking this:

• Enable warning output logging of MySQL, and read those actual log entries.
• Check filesystem permissions to let the user as which MySQL runs (mysql?) read the files. In /root I don't think it has by default.
• Is Apparmor or SELinux preventing MySQL to read the certs and keys?
• You may be hit by a nasty bug of a recent OpenSSL vs. MySQL incompatibility. I've been unable to generate keys on Ubuntu 12.04 which MySQL could read, whereas the ones I generate on Debian Squeeze work fine.

Solution 3:

On Ubuntu, you may check if apparmor blocks access to your cert files, see the manual.

Then you should check file permissions/ownership and add necessary rights to /etc/apparmor.d/usr.sbin.mysqld. See this thread.

Solution 4:

I had this problem, and it helped changing ownership on the .pem files:

chown mysql.mysql /var/lib/mysql/*.pem  (or in your case /root/abc/ssl_certs/*.pem)

(From Craig Wright - https://askubuntu.com/questions/194074/enabling-ssl-in-mysql)

Solution 5:

Pavel Bernshtam suggested a perfect solution

openssl rsa -in client-key.pem -out client-key.pem
openssl rsa -in server-key.pem -out server-key.pem

but I needed also to assign the owner to the certs folder, otherwise mysql can't read the key file

chown -R mysql:mysql /path/to/certs