xca icon indicating copy to clipboard operation
xca copied to clipboard

Published 20 hours ago verified publisher icon chris2511

XCA 2.4.0 Does Not Work with SSL Mandatory Secured MySQL

Open jim-doyle opened this issue 2 years ago • 0 comments

  1. A MySQL 8 instance was provisioned with mandatory SSL connection enforcement configured in my.cnf as follows:

ssl ssl_ca = /var/lib/mysql/security/keycloak_realm_root_ca.cer ssl_cert = /var/lib/mysql/security/keycloak_realm_mysql_server_1.cer ssl_key = /var/lib/mysql/security/keycloak_realm_mysql_server_1.key require_secure_transport = ON ssl_cipher = ECDHE-RSA-AES256-GCM-SHA384 tls_version = TLSv1.2

  1. Create a user and schema for an enternal XCA to connect:

create database XCA; create user 'XCAUSER'@'%' IDENTIFIED BY 'rmm+++MgLB+7UoMD'; grant all privileges on XCA.* to 'XCAUSER'@'%'; flush privileges;

  1. Using XCA Portable 2.4.0 Release for Windows, attempt to Connect:

image

  1. Try to change the MySQL User profile so that SSL is required drop user 'XCAUSER'; create user 'XCAUSER'@'%' IDENTIFIED BY 'rmm+++MgLB+7UoMD' REQUIRE SSL; flush privileges;

image

  1. Verify the XCAUSER can connect to the database using MySQL Workbench and the Command Line Prompt.

jim-doyle avatar Dec 06 '21 17:12 jim-doyle