Hi, Chris, It seems that your concern is not "cannot connect with SSL", but "my application doesn't read the config file". You can verify the latter with strace or, easier, by adding some invalid option to the config file and see if there'll be a failure. Also, what is connector c version and the server version? 3.3 and 10.6? Regards, Sergei Chief Architect, MariaDB Server and security@mariadb.org On Jul 24, Chris Ross (cross2) via discuss wrote:
Hey there. I am trying to get a local application which uses the mariadb client library to connect to a server with SSL.
On my client system, I have added “ssl-ca” and “ssl-verify-server-cert” to the [client] section of my my.cnf. I can see these in effect with both “mariadb --help” and with “my_print_defaults client”. And, using mariadb client itself with all of the right connection parameters (host/port/username/port/schema) it connects just fine.
However, a program of mine which uses mysql_real_connect() fails, reporting “Access denied for user ‘foo’@’ip’ (using password: YES)”. This is, I assume, because the user on the database side requires ssl, and my client is not using ssl.
I’ve added:
(void)mysql_optionsv(conn, MYSQL_READ_DEFAULT_FILE, NULL);
Into my sources before calling mysql_real_connect(). I thought that would make it pull the params from the config file, and all should be good. But, that’s clearly not enough.
Can someone help me figure out what I’m missing? Thank you.