MariaDB and MySQL CA Certificate Update

MariaDB instance on CentOS 7 has been running well for ages, and suddenly, starting about 30 minutes ago, my apps get this error trying to connect:

# mysql
ERROR 2026 (HY000): Unknown SSL error

My certs have always been under "/etc/my.cnf.d/certs/", generated by LetsEncrypt.
They expire on 2021-11-04, last modified date 2021-08-06.

my.cnf:

ssl_cert                        = "/etc/my.cnf.d/certs/fullchain.pem"
ssl_key                         = "/etc/my.cnf.d/certs/privkey.pem"

I wonder if this is related, since today is the day DST Root CA X3 expires.

I wonder how I can make MariaDB trust ISRG Root X1!

Run yum update ca-certificates, and you should be fine (this will remove DST Root CA X3 from the trust store - and add ISRG Root X1 if not already present).

Thanks, but the system is up to date.

I get this when I run that:

No packages marked for update

Alright... for those who have the same problem,

Run this if you haven't yet:

# yum update ca-certificates

If you get No packages marked for update, it may have already been run automatically - in my case, it was on Sep 24:
Sep 24 05:00:16 Updated: ca-certificates-2021.2.50-72.el7_9.noarch

And then run in your MySQL instance:

> FLUSH SSL;

This resolved my problem!

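An added example, not part of the thread: a Python check that the system trust bundle has dropped DST Root CA X3 and contains ISRG Root X1, which is what the ca-certificates update above is meant to achieve before FLUSH SSL reloads the server's TLS material. The bundle path (the usual CentOS 7 location), the function names and the constructed SAMPLE entries are assumptions of this example.

```python
import os
import ssl
import time

# Assumed location of the consolidated trust bundle on CentOS 7.
CA_BUNDLE = "/etc/pki/tls/certs/ca-bundle.crt"
OLD_ROOT = "DST Root CA X3"
NEW_ROOT = "ISRG Root X1"

# Constructed sample in the shape SSLContext.get_ca_certs() returns,
# used only when the bundle file is absent (e.g. on a non-CentOS host).
SAMPLE = [
    {"subject": ((("organizationName", "Digital Signature Trust Co."),),
                 (("commonName", OLD_ROOT),)),
     "notAfter": "Sep 30 14:01:15 2021 GMT"},
    {"subject": ((("organizationName", "Internet Security Research Group"),),
                 (("commonName", NEW_ROOT),)),
     "notAfter": "Jun  4 11:04:38 2035 GMT"},
]

def common_name(cert):
    """CN of a get_ca_certs() entry, falling back to O for roots without a CN."""
    fields = {k: v for rdn in cert.get("subject", ()) for k, v in rdn}
    return fields.get("commonName") or fields.get("organizationName", "?")

def load_bundle(path=CA_BUNDLE):
    """Parse every CA certificate in a PEM bundle; expired ones are still listed."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(cafile=path)
    return ctx.get_ca_certs()

def audit(ca_certs, now=None):
    """Report whether the old/new roots are present and which CAs have expired."""
    now = time.time() if now is None else now
    names = {common_name(c) for c in ca_certs}
    expired = sorted({common_name(c) for c in ca_certs
                      if ssl.cert_time_to_seconds(c["notAfter"]) < now})
    return {"old_root_present": OLD_ROOT in names,
            "new_root_present": NEW_ROOT in names,
            "expired": expired}

if __name__ == "__main__":
    certs = load_bundle() if os.path.exists(CA_BUNDLE) else SAMPLE
    report = audit(certs)
    print(report)
    if report["old_root_present"] or not report["new_root_present"]:
        print("Trust bundle is stale: update ca-certificates first.")
    else:
        print("Trust bundle looks current: reload the server's TLS material.")
```
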