MySQL, BCB6 ans SSL Connection

JonKerry · Post by **JonKerry** » Mon 27 Mar 2006 10:08

Hi David

Just so you know my Windows reference in my last post was not in response to your posting. It was to the following..

Ikar wrote:Please try just Windows version.

Thanks for letting me know about the mySQL developments will come in handy to beable to test on the road so to speak

Jon

david_labbe · Post by **david_labbe** » Mon 27 Mar 2006 11:00

JonKerry wrote:Hi David

Just so you know my Windows reference in my last post was not in response to your posting. It was to the following..

Ikar wrote:Please try just Windows version.
Thanks for letting me know about the mySQL developments will come in handy to beable to test on the road so to speak

Jon

No worries Jon!
________
Motorcycle Tires

david_labbe · Post by **david_labbe** » Mon 27 Mar 2006 16:28

Hi all,

success at last but only in one condition:

Mysql server running on my windows development machine.
This is the win32 binary with no ssl support

Stunnel ( http://www.stunnel.org ) to emulate an encryption of the connection to the server (i.e., if I understood well, stunnel acts as a layer on the server side, listening on a port and encrypt/decrypt ssl, thus allowing ssl support on mysql)

The following parameters in the stunnel.conf file:

Code: Select all

cert = \client-cert.pem
key = \client-key.pem
CAfile = \cacert.pem

[mysqls]
accept=3306
connect=localhost:3306

and then it works irrespective of whether I use direct=true or false...

I had to eliminate all the libmysql.dll files on the system to make sure there wasn't one that would interfere and I put the latest one I could find in the windows\system32 directory

It works... now, I still don't understand why it doesnot work on the linux box, given that the server is well configured and connects through ssl with other client apps...
________
HAWAII MEDICAL MARIJUANA DISPENSARIES

david_labbe · Post by **david_labbe** » Mon 27 Mar 2006 16:36

The funny thing though is that my other client apps among which EnglnSite cannot connect to the localhost mysql server through ssl anymore using that config...

What a mess! None of this make sense!

I am officially turning nuts!!!
________
HOME MADE VAPORIZER

JonKerry · Post by **JonKerry** » Tue 28 Mar 2006 10:59

Please can someone update me with the current situation of this problem

As far as I am aware - the SSL connection into server works fine from command line and therefore the ball is back in your court

It has now become even more essential that this is resolved quickly due to my project deadline being brought forward

Any assistance is greatly appreciated

Many Thanks

Jon

Ikar · Post by **Ikar** » Tue 28 Mar 2006 14:02

We are thoroughly investigating the problem right now.
For complete research of your case we need following information:
1) Exact version of operating system where your server resides
2) Did you compile MySQL server yourself? If yes, which SSL alternative you chose: OpenSSL or yaSSL? If no, where did you get the compiled MySQL server?
3) Detailed version and settings information about your MySQL server

JonKerry · Post by **JonKerry** » Tue 28 Mar 2006 14:14

The MySQL server is running on Linux Fedora Core 4

The MySQL Server itself was not compilied by me but downloaded from Xampp for Linux http://www.apachefriends.org/en/xampp-linux.html

I believe that the MySQL server version is 5.0.18 with SSL already compilied

I have set up a test user with specific access to a single database on the server and set the REQUIRE SSL for this specific user.

To double check the servers SSL functionality and my certs I have connected using the command line which has verified that SSL is functioning correctly

JonKerry · Post by **JonKerry** » Thu 30 Mar 2006 09:44

Has any further progress been made?

Many Thanks

Jon

Ikar · Post by **Ikar** » Thu 30 Mar 2006 13:25

We have checked MySQL server 5.0.19 compiled from sources with OpenSSL under Red Hat Advanced Server Enterprise Linux 3.0 without any problems.

Please connect to your MySQL SSL server (without using SSL) and specify values from Info tab in your MyConnection design-time editor.

Also specify compatibility list from Xampp.

JonKerry · Post by **JonKerry** » Thu 30 Mar 2006 17:12

I am able to connect with a standard user with Direct = True and Protocol = mpDefault

have openssl property on server = YES

what else do you need to know - unsure what you mean by compatibility list?!?

JonKerry · Post by **JonKerry** » Thu 30 Mar 2006 17:44

If you have managed to get the SSL to work fully....

...have you checked the data stream on the network port with Compression set to FALSE on MyDAC to ensure that the data is still encrypted - this is how I was able to tell that the somethings was amiss

Many Thanks

Jon

Ikar · Post by **Ikar** » Fri 31 Mar 2006 14:50

Of course we have checked the traffic. Connection is really encrypted.

JonKerry · Post by **JonKerry** » Fri 31 Mar 2006 19:53

I was just making sure I had to double check because I was unsure when I first saw it.

Are you any closer to resolving this current issue - It is really important that I get a resolution asap so that I can purchase the full product and get it fully running

Many Thanks

Jon

JonKerry · Post by **JonKerry** » Mon 03 Apr 2006 11:56

What is the current status of this problem?

Is there anything I need to do? Really Urgent now!!!

Many Thanks

Jon

Ikar · Post by **Ikar** » Tue 04 Apr 2006 09:16

We have thoroughly tested MyDAC with xampp for linux. Everything works fine in your situation.
If you want this problem to be solved you have to assist us. Perform the following actions:
1. Send us output of SHOW VARIABLES statement, as we requested before. Note that "have openssl property on server = YES" is not enough, what we need is full output generated by the server.
2. Send us all 5 files of certificates used - client, server and authority.
3. Specify how did you configure server to use the certificates.