MySQL :: Re: Mysql ssl configuration

Contact MySQL |
Login | Register

The world's most popular open source database

Documentation Downloads MySQL.com

Developer Zone

Section Menu:

New Topic

Re: Mysql ssl configuration

Posted by: Filipe Silva
Date: January 04, 2018 11:27AM

Hi Amine,

In order to test your setup you should try a progressive approach:

1st - Disable SSL on server and connect using 'useSSL=false' on client (mind that default depends on the server version you are connecting to). Fix any issues if any.

2nd - Configure SSL on server and try to connect via client without validating the server certificate, i.e., use 'useSSL=true&verifyServerCertificate=false'. This should be enough to provide a secure connection.

3rd - If the above security level isn't enough for you, then use 'useSSL=true&verifyServerCertificate=true' AND prepare a truststore with the CA certificate (root or any of the intermediates) that can validate the server certificate.

Instead of your Java application, you can also use the mysql client, running on server1, to test this same setup.

Note that the keystore containing the client keys is only needed if the user you are trying to connect was created with some of the options of the REQUIRES clause. Check the documentation for more information: https://dev.mysql.com/doc/refman/5.7/en/using-encrypted-connections.html#using-encrypted-connections-client-side-configuration

IHTH

Navigate: Previous Message• Next Message

Options: Reply• Quote

Subject

Written By

Posted

Mysql ssl configuration

amine A

December 26, 2017 02:24PM

Re: Mysql ssl configuration

Filipe Silva

January 04, 2018 11:27AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.