mysql - OpenSSL - error 18 at 0 depth lookup:self signed certificate

Question

I was trying to create a SSL certificate to use with MySQL as like mentioned here : http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html

While verifying the certificates I got the following error

  # openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem
    server-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = SATHISH, emailAddress = [email protected]
    error 18 at 0 depth lookup:self signed certificate
    OK
    client-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = sathish, emailAddress = [email protected]
    error 18 at 0 depth lookup:self signed certificate
    OK

Could someone help me on generating keys without any errors based on the document in the above link.

question from:https://stackoverflow.com/questions/19726138/openssl-error-18-at-0-depth-lookupself-signed-certificate

Answer 1

I think you missed this part of the instructions:

Whatever method you use to generate the certificate and key files, the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.

When OpenSSL prompts you for the Common Name for each certificate, use different names.