Troubleshooting
Problem
Guardium S-TAP is unable to capture remote traffic from MYSQL 5.7 or above.
Symptom
In Guardium reports, you see local connection to database being captured but no remote connections are seen.
Cause
The connections for mysql 5.7 or above are SSL encrypted by default. Currently, mysql SSL encrypted traffic capture is not supported by regular Guardium S-TAP.
Note:- Guardium supports mysql encrypted traffic with Guardium External S-TAP
Resolution mentioned in this technote is only relevant for regular Guardium S-TAP.
Resolving The Problem
In order to resolve the issue mysql SSL connection can be disabled as mentioned below, please contact mysql support for more information or questions on SSL encryption.
Steps:-
For MYSQL version 5.7.32
1. To disable encryption, you have to add the following line to /etc/my.cnf file
(under the [mysqld] section):
skip-ssl
(under the [mysqld] section):
skip-ssl
Then, save the file.
2. Restart mysql
2. Restart mysql
3. Test again.
For MYSQL version 8 or above
1. To disable encryption, you have to add the following line to /etc/my.cnf file
(under the [mysqld] section):
ssl-mode=DISABLED
Then, save the file.
(under the [mysqld] section):
ssl-mode=DISABLED
Then, save the file.
2. Restart mysql
3. Test again.
If this is still failing to capture the remote traffic, share following logs to investigate further:
1. /etc/my.cnf file
2. Output of this query in mysql: show variables like '%ssl%';
3. SLON capture while creating remote sessions.
4. support must_gather sniffer_issues from the associated collector
2. Output of this query in mysql: show variables like '%ssl%';
3. SLON capture while creating remote sessions.
4. support must_gather sniffer_issues from the associated collector
Related Information
Document Location
Worldwide
[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSCJM6A","label":"IBM Security Guardium S-TAP for IMS on z\/OS"},"ARM Category":[{"code":"a8m0z000000Gp0PAAS","label":"DATABASE"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
30 December 2020
UID
ibm16374044