0

I have enabled SSL support on a server running MySql. When it comes to connecting to the server using PDO: Do I have to generate certificates on the client side as well in order to use an encrypted connection? Or is it enough to just set a specific PDO attribute (have not found it) in order to enable SSL?

Thanks for any guidance!

Araw
  • 2,410
  • 3
  • 29
  • 57
  • Like with every symmetric encryption, you need private/public pair on the server side, while the client should connect with the public key. Anyway any reason for using encryption? You generally should only care about database communication encryption should you traffic pass through an unsecure network (over Internet for instance). – Mike Doe Mar 09 '18 at 08:42
  • 1
    the attributes are `PDO::MYSQL_ATTR_SSL_KEY,PDO::MYSQL_ATTR_SSL_CERT,PDO::MYSQL_ATTR_SSL_CA` which should be set as strings pointing to the various certificates `client-key.pem,client-cert.pem,ca-cert.pem` so you need to generate a valid set of certificates. https://stackoverflow.com/questions/33701027/how-to-connect-mysql-from-pdo-under-ssl. Also, when using self-signed certs ~ `PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT=false` – Professor Abronsius Mar 09 '18 at 08:42
  • @MichaelZukowski: The connection is going over internet, so that is why I want to encrypt it, in order to make it more secure. – Araw Mar 09 '18 at 08:49
  • @RamRaider: So I can just copy the client-key.pem client-cert.pem and ca-key.pem from the server to the client which can be used to create an encrypted connection? – Araw Mar 09 '18 at 08:50
  • Simple as that, haven't you tried that already? There are plenty of resources in the web on the subject. – Mike Doe Mar 09 '18 at 08:52

0 Answers0