Public bug reported: Mariadb 10.3 as provided by Ubuntu and shipped in LTS is compiled against YaSSL version 2.4.4, which supports a maximum tls version of 1.1 as I understand it. See: https://ubuntuforums.org/showthread.php?t=2420831
Focal minimum tls requirement is higher, tls v1.2 as discussed here: https://discourse.ubuntu.com/t/default-to-tls-v1-2-in-all-tls-libraries- in-20-04-lts/12464/3 As a result, all attempts to use ssl that worked pre-focal now hit a hard failure with such as: ERROR 2026 (HY000): SSL connection error: The TLS connection was non- properly terminated. and via libraries: Unable to open database: SSL connection error: error:1408F10B:SSL routines:ssl3_get_record:wrong version number Upstream offers a focal repository, so hopefully this won't be a hard one to merge into standard Ubuntu, since basically without some fix SSL/TLS via mariadb is broken entirely on an LTS version -- and that for 5 years, as they say, needs a close look. I suspect there are other compatibility issues preventing it, but as 'upgrading to focal' killed several web servers -- some sort of pragmatic work-around needs doing. Until then: sudo apt-get install software-properties-common sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc' sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.utexas.edu/mariadb/repo/10.5/ubuntu focal main' Hope this helps someone... ** Affects: mariadb-10.3 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1885632 Title: Focal requires tls > mariadb rev has. ssl dead, websites down on upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mariadb-10.3/+bug/1885632/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
