4493d40a-92aa-4162-9dfc-bfc4ec0996e6
/
polardbxengine
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
polardbxengine/mysql-test/suite/xengine_auth_sec/r/ssl_auto_detect.result

55 lines
2.2 KiB
Plaintext
Raw Blame History

# Global Setup
call mtr.add_suppression("Failed to setup SSL");
call mtr.add_suppression(".*SSL_CTX_set_default_verify_paths failed");
# Case 1 : Enable SSL automatically if ca.pem, server-cert.pem and
# sever-key.pem are present in data directory
# Copy SSL certificates before restarting.
# They should be picked up automatically by server.
# Restart completed.
# Search for : Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them.
Pattern "Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them." found
# Search for : CA certificate is self signed.;
Pattern "CA certificate .* is self signed." found
# Try to establish SSL connection : This must succeed.
SHOW STATUS LIKE 'Ssl_cipher';
Variable_name Value
Ssl_cipher SSL_CIPHER
SHOW VARIABLES LIKE 'have_ssl';
Variable_name Value
have_ssl YES
# Check values of ssl_ca, ssl_cert and ssl_key.
# They should refer to certificate/key files in data directory.
SHOW VARIABLES LIKE 'ssl_ca';
Variable_name Value
ssl_ca ca.pem
SHOW VARIABLES LIKE 'ssl_cert';
Variable_name Value
ssl_cert server-cert.pem
SHOW VARIABLES LIKE 'ssl_key';
Variable_name Value
ssl_key server-key.pem
# Connect using mysql client : This must succeed.
Variable_name Value
Ssl_cipher SSL_CIPHER
# Case 2 : Remove server-key.pem and observe that server starts
# without SSL capability
# Remove one of the certificates/keys.
# Restart completed.
# Check value of have_ssl. It must be DISABLED.
SHOW VARIABLES LIKE 'have_ssl';
Variable_name Value
have_ssl DISABLED
# Try creating SSL connection using mysql connection. It should fail.
#
# Bug#21108296 : --SSL-CIPHER OPTION CAUSES SSL INITIALIZATION FAILURE
#
# Restart completed.
# Search for : Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them.
Pattern "Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them." found
# Search for : CA certificate is self signed.;
Pattern "CA certificate .* is self signed." found
# Try creating SSL connection
Variable_name Value
Ssl_cipher SSL_CIPHER
# Global Cleanup
Reference in New Issue View Git Blame Copy Permalink