Using Let's Encrypt certs with MySQL for database replication



I’m trying to set up a database replication so that it uses secure connections, but it is not clear what certificates I have to use. Here is my current configuration:

# ssl-ca identifies the Certificate Authority (CA) certificate.
# wget

# ssl-cert identifies the server public key certificate. This can be sent to the client and authenticated against the CA certificate that it has.
ssl-cert=/etc/letsencrypt/live/MYDOMAIN/cert.pem #  or chain.pem|fullchain.pem ?

# ssl-key identifies the server private key.

My doubts are on the first two options. Are they correct?


MySQL Replication and letsencrypt certificates (client side)
Using Munin with Let's Encrypt (certificate verify failed) #420

2nd is correct, 1st is wrong. Change that one to chain.pem, that way it’ll still work if the intermediate is changed.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.