Given:
1) A MySql database server built to accept SSL connections, with its
server key, server certificate, and CA certificate called 'ca.pem',
have_openssel = YES, have_ssl = YES, and using a well known cipher which
I will call 'MYCIPHER' ( to protect the name of the actual cipher being
used ).
2) A client program with its corresponding client key called 'ck.pem',
client certificate called 'cc.pem', and the same CA certificate as the
server called 'ca.pem', all in a client directory called
'c:/mycertificates'.
3) A host called 'myhost.com', a database called 'mydatabase', a
username called 'myuser', and a password called 'mypassword'.
My code is:
----------------------------------------------------------------------------------------------------------------------------
#include <mysql++.h>
// ...
try
{
mysqlpp::TCPConnection* conn(new *mysqlpp::TCPConnection);
mysqlpp::Option * opt(new
mysqlpp::SslOption("ck.pem","cc.pem","ca.pem","c:/mycertificates","MYCIPHER"));
// Line 4
conn -> set_option(opt); // Line 5
conn -> connect("myhost.com","mydatabase.com","myuser","mypassword");
}
catch (const mysqlpp::BadOption & e)
{
// Do recovery
}
catch (const mysqlpp::ConnectionFailed & e)
{
// Do recovery
}
-----------------------------------------------------------------------------------------------------------------------------
The 'conn -> connect' call throws the mysqlpp::ConnectionFailed
exception with an error code of 2026 and a message of "SSL connection
error".
If I comment out lines 4 and 5, therefore not making an SSL connection,
everything succeeds.
Does anyone see anything wrong with my use of SslOption, or in my code
otherwise ?
Does anyone know of any way I can determine why the SSL connection is
failing ?
Thanks !
