I've been searching and testing for hours and still can't figure this out. MySQL version 5.7.23 on both slave and master.
Replication over SSL is failing with the following error message:
Slave I/O for channel '': error connecting to master 'replslave1@stuff.stuff.com:3306' – retry-time: 60 retries: 1, Error_code: 2026
Replication works fine without SSL, so I know that the replication user and password are correct, and port 3306 is not blocked. I can connect with SSL from the command line with the same user and password combination:
mysql -u replslave1 -pxxxx -h stuff.stuff.com --ssl --ssl-ca='/etc/mysql/master-ca.pem' --ssl-capath='/etc/mysql' --ssl-cert='/etc/mysql/repl1-pub.pem' --ssl-key='/etc/mysql/repl1-priv.pem' --ssl-cipher='DHE-RSA-AES256-SHA'
When I do this from the command line the cipher shows as DHE-RSA-AES256-SHA.
Any ideas are welcome.
Best Answer
Finally! 6 - 8 hours of work later:
The problem in my case was that the slave server has 2 network interfaces and the usable/public IP address is assigned to the second interface. The first, which I assume that MySQL/OpenSSL is using as a default, does not have an IP address.
I solved by adding
MASTER_BINDto myCHANGE_MASTERstatement.