SSL access using Certificate Store Location = LocalMachine
Posted by: Mark Parr
Date: September 21, 2017 11:40AM

I have a Windows Service Application that currently writes to a MySQL table using the 6.9.8 Connector/NET to which I am going to be adding SSL support. The Service runs under the Local System user account and to support a Certificate Store location, it would seem that the PFX certificate will need to be loaded into the "LocalMachine" rather than "CurrentUser" location.

I have another non-Service based application that currently accesses MySQL successfully via SSL when either using a file based certificate or the Certificate Store for CurrentUser. For Certificate Store usage, that program actually attempts to load the certificate initially using LocalMachine and if that fails will move to CurrentUser.

In testing using this program, I have determined that LocalMachine option continually fails to find the certificate and the fallback to CurrentUser is always getting hit, Using MMC to access Local Computer certificates, I have tried placing PFX certificate in both the "Personal" and "Trusted Root Certification Authorities" repositories but the application never finds a valid certificate. The application continually reports an Inner Exception of "The certificate chain was issued by an authority that is not trusted".

My Connect String is as follows:

Server=10.1.1.1; User=root; Password=password; Database=MyDB; SSLMode=Required; Certificate Store Location=LocalMachine;

I've tried running the program As Administrator and it still fails. I have also listed the Certificates for LocalMachine and I see the MySQL Certificate in the list.

I was using the stand alone program so as I can interact with SSL connection rather than having to deal w/ starting/stopping the Windows Service application initially. I wanted to get the LocalMachine option working before adding the SSL code to the Service application.

Any ideas on what I am doing wrong or suggestions to resolve it?

Thanks
Mark

Options: ReplyQuote


Subject
Written By
Posted
SSL access using Certificate Store Location = LocalMachine
September 21, 2017 11:40AM


Sorry, only registered users may post in this forum.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.