OpenSSL - error 18 at 0 depth lookup:self signed certificate

mysql ssl openssl
56,943

I think you missed this part of the instructions:

Whatever method you use to generate the certificate and key files, the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.

When OpenSSL prompts you for the Common Name for each certificate, use different names.

Share:
56,943
Sathish
Author by

Sathish

Working as System Engineer, having good hands on experience in Linux administration, Amazon web services - Ec2, S3, RDS, Cloudfront, Route 53, Elastic Load Balancing, Auto Scaling, IAM, SES, SQS, SNS, VPC, Cloud Formation, CloudWatch, Glacier, Elastic Transcoder, Wowza Media Streaming, FFMPEG, AVConv, Kaltura, Red5 Media Streaming, ShoutCast streaming, IceCast streaming, Cpanel, Plesk, Virtualmin Hosting Linkedin - https://www.linkedin.com/in/sathishkumarkp

Updated on February 13, 2020

Comments

  • Sathish
    Sathish about 4 years

    I was trying to create a SSL certificate to use with MySQL as like mentioned here : http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html

    While verifying the certificates I got the following error

      # openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem
    server-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = SATHISH, emailAddress = [email protected]
    error 18 at 0 depth lookup:self signed certificate
    OK
    client-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = sathish, emailAddress = [email protected]
    error 18 at 0 depth lookup:self signed certificate
    OK

    Could someone help me on generating keys without any errors based on the document in the above link.

  • Cerveser
    Cerveser about 10 years
    I had the same issue: after you enter some values for the Distinguished Name you can enter the value for the Common Name.
  • Jihane
    Jihane almost 4 years
    This is the best answer to this issue out there, thank you so much, been struggling with this for days.
  • SiHa
    SiHa about 3 years
    Unfortunately, all of the guides I've seen out there neglect to mention this (rather crucial) point. Thanks.
  • itlux
    itlux almost 3 years
    I have the same issue when generated ca.pem and client.pem with the same CN, thanks u!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

On connecting to MySQL via SSL getting ERROR 2026 (HY000): SSL connection error: protocol version mismatch
Why MySQL Workbench 8.x errors out with an SSL connection error, choose client version unsupported protocol
Enabling SSL in MySQL
AWS MySQL ERROR 2026 (HY000): SSL connection error:
PHP Startup: Unable to load dynamic library '/usr/lib/php/20151012/php_openssl.dll'
MySQL ERROR 2026 (HY000): SSL connection error
Cannot connect to wss with Flutter
Connecting to MySQL server with ssl
OpenSSL Verify Peer (Client) Certificate in C++
python3 and requests: still getting 'sslv3 alert handshake failure'