[sr-dev] How to enable SSL in kamailio mysql db connectivity

Jeetha P J jeetha.j at quantiphi.com
Wed Jun 29 07:08:22 CEST 2022 

HI

 mysql -u kamailio -h xx.xx.xx.xx -ppassword
--ssl-ca=/var/lib/mysql/Quant-certs/server-ca.pem
--ssl-cert=/var/lib/mysql/Quant-certs/client_ca_cert.pem
--ssl-key=/var/lib/mysql/Quant-certs/client-key.pem

Using this also I am able to login

Thanks & Regards
Jeetha P J

On Tue, Jun 28, 2022 at 5:30 PM Henning Westerholt <hw at gilawa.com> wrote:

> Hello,
>
>
>
> you are using a different username (kamailio) for the server, try this.
>
>
>
> Cheers,
>
>
>
> Henning
>
>
>
> --
>
> Henning Westerholt – https://skalatan.de/blog/
>
> Kamailio services – https://gilawa.com
>
>
>
> *From:* Jeetha P J <jeetha.j at quantiphi.com>
> *Sent:* Tuesday, June 28, 2022 1:54 PM
> *To:* Henning Westerholt <hw at gilawa.com>
> *Cc:* Kamailio (SER) - Development Mailing List <sr-dev at lists.kamailio.org
> >
> *Subject:* Re: [sr-dev] How to enable SSL in kamailio mysql db
> connectivity
>
>
>
> Ok, I will check.
>
> But I am able to login via mysql -u root -h xx.xx.xx.xx -ppassword
> --ssl-ca=/var/lib/mysql/Quant-certs/server-ca.pem
> --ssl-cert=/var/lib/mysql/Quant-certs/client-cert.pem
> --ssl-key=/var/lib/mysql/Quant-certs/client-key.pem
>
>
>
> I have uncommented require_secure_transport = ON in  [kamailio].
>
>
>
> Now I am getting the error
>
>
>
> Thanks & Regards
>
> Jeetha P J
>
>
>
>
>
>
>
>
>
>
>
>
>
> On Tue, Jun 28, 2022 at 4:13 PM Henning Westerholt <hw at gilawa.com> wrote:
>
> Hello,
>
>
>
> the error you get is indicating some generic issue with the
> username/password.
>
>
>
> Try to login using the same credentials by using a command line client
> (mysql).
>
>
>
> Cheers,
>
>
>
> Henning
>
>
>
> --
>
> Henning Westerholt – https://skalatan.de/blog/
>
> Kamailio services – https://gilawa.com
>
>
>
> *From:* sr-dev <sr-dev-bounces at lists.kamailio.org> *On Behalf Of *Jeetha
> P J
> *Sent:* Monday, June 27, 2022 8:56 AM
> *To:* sr-dev at lists.kamailio.org
> *Subject:* [sr-dev] How to enable SSL in kamailio mysql db connectivity
>
>
>
> Hi Team,
>
>
>
>  We have SSL in mySQL DB.So I need to add configuration in kamailio also.I
> am adding the configuration I tried. Please help me to achieve this.Its
> little urgent.
>
>
>
> My /etc/mysql/my.cnf
>
> [client]
> socket = /run/mysqld/mysqld.sock
> ssl_key=/var/lib/mysql/Quant-certs/client-key.pem
> ssl_cert=/var/lib/mysql/Quant-certs/client_ca_cert.pem
> ssl_ca=/var/lib/mysql/Quant-certs/server-ca.pem
> #require_secure_transport = ON
>
> [kamailio]
> socket = /run/mysqld//mysqld.sock
> #require_secure_transport = ON
> user = kamailio
> password = kamailiorw
> host=xxx.xxx.xxx.xxx
> default-character-set = utf8
> ssl_key=/var/lib/mysql/Quant-certs/client-key.pem
> ssl_cert=/var/lib/mysql/Quant-certs/client_ca_cert.pem
> ssl_ca=/var/lib/mysql/Quant-certs/server-ca.pem
> ssl_verify=1
>
>
>
> /etc/kamailio/kamailio.cfg
>
>
>
> #!ifndef DBURL
> #!define DBURL "mysql://kamailio:kamailiorw@xx.xx.xxx.xxx/kamailio"
> #!endif
>
>
>
> gateqeeper-kam-dev kamailio[7879]:  0(7879) DEBUG: db_mysql
> [km_my_con.c:107]: db_mysql_new_connection(): opening connection:
> mysql://xxxx:xxxx@xx.xxx.xx.xxx/kamailio
> Jun 27 06:53:12 gateqeeper-kam-dev kamailio[7879]:  0(7879) ERROR:
> db_mysql [km_my_con.c:139]: db_mysql_new_connection(): driver error: Access
> denied for user 'kamailio'@'xx.xxx.xx.xx' (using password: YES)
>
>
>
> Please help me to get it solved.
>
>
>
> Thanks & Regards
>
> Jeetha P J
>
>
>
> *This message contains information that may be privileged or confidential
> and is the property of the Quantiphi Inc and/or its affiliates. It is
> intended only for the person to whom it is addressed. **If you are not
> the intended recipient, any review, dissemination, distribution, copying,
> storage or other use of all or any portion of this message is strictly
> prohibited. If you received this message in error, please immediately
> notify the sender by reply e-mail and delete this message in its entirety*
>
>
>
> *This message contains information that may be privileged or confidential
> and is the property of the Quantiphi Inc and/or its affiliates. It is
> intended only for the person to whom it is addressed. **If you are not
> the intended recipient, any review, dissemination, distribution, copying,
> storage or other use of all or any portion of this message is strictly
> prohibited. If you received this message in error, please immediately
> notify the sender by reply e-mail and delete this message in its entirety*
>

-- 
_This message contains information that may be privileged or confidential 
and is the property of the Quantiphi Inc and/or its affiliates_. It is 
intended only for the person to whom it is addressed. _If you are not the 
intended recipient, any review, dissemination, distribution, copying, 
storage or other use of all or any portion of this message is strictly 
prohibited. If you received this message in error, please immediately 
notify the sender by reply e-mail and delete this message in its 
*entirety*___
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20220629/3ecf33fc/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 73320 bytes
Desc: not available
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20220629/3ecf33fc/attachment-0001.png>

More information about the sr-dev mailing list