MySQL Forums
Forum List  »  Security

question on "--ssl-ca" flag during ssl connection
Posted by: sridhar subramanya
Date: August 28, 2024 09:04AM

I've a mysql server running on redhat8 and enabled it for TLS/SSL one way authentication.

my question is about the significance of using "--ssl-ca" to validate the server certificate , given that there are instances where mysql client/shell (probably version 8 or older) getting connected successfully to the server without providing --ssl-ca as a part of connection.

I thought it was an expected behavior. in the above case i assume connections are still secure its just that, server certificate were not validated from the client side.

i assume its the responsibility of the connecting client or application to validate/verify that the certificate from their end .

if my assumption was wrong , Does server can act as a gate keeper or does have any setting on the server side which could dictate incoming client connections to validate its certificate and restrict the connection if its not.

request your valuable input on the matter.

Thanks,
Sri

Options: ReplyQuote


Subject
Views
Written By
Posted
question on "--ssl-ca" flag during ssl connection
88
August 28, 2024 09:04AM


Sorry, only registered users may post in this forum.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.