1

I'm very new to MySQL and also to SSL connections, I was following MySQL official documentation http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html, but I dont get how connect using SSL: I've already have this:

mysql> show variables like '%ssl%';
+---------------+----------------------------+
| Variable_name | Value                      |
+---------------+----------------------------+
| have_openssl  | YES                        |
| have_ssl      | YES                        |
| ssl_ca        | /etc/mysql/ca-cert.pem     |
| ssl_capath    |                            |
| ssl_cert      | /etc/mysql/server-cert.pem |
| ssl_cipher    |                            |
| ssl_key       | /etc/mysql/server-key.pem  |
+---------------+----------------------------+
7 rows in set (0.00 sec)

But it's not clear for me if that is enough to use SSL when connecting to others servers. I enabled my SSL, but should I send the certificate when connecting? https://dev.mysql.com/doc/refman/5.5/en/mysql-ssl-set.html

Is it required? or is only enabling SSL as I did enough?

Oldskool
  • 34,211
  • 7
  • 53
  • 66
Zilev av
  • 491
  • 1
  • 7
  • 21
  • you don't need to have an ssl cert when connecting to an ssl resource. only the "server" needs one. the only time your client would need one is if you want mutual identification/authentication. "this is really the server" and "this is really the client". – Marc B Aug 20 '15 at 14:56
  • then enable SSL as shows here ```show variables like '%ssl%'```is enough?, after that when connecting to mysql it will be a secure connection? – Zilev av Aug 20 '15 at 15:00
  • as long as you tell the client to use ssl when connecting, and that the client will accept the server's cert, yes, that's all you need. – Marc B Aug 20 '15 at 15:02
  • 1
    ohh great, maybe I miss that step, to "tell the client to use ssl when connecting", how can I do this? is it ```--ssl``` ? – Zilev av Aug 20 '15 at 15:06
  • 1
    http://stackoverflow.com/questions/9738712/connect-to-remote-mysql-server-with-ssl-from-php – Marc B Aug 20 '15 at 15:10
  • ohhh I see thanks :) – Zilev av Aug 20 '15 at 15:21

0 Answers0