Results 1 to 2 of 2

Thread: SSL enable?

  1. #1
    Join Date
    May 2014
    Posts
    1

    Unanswered: SSL enable?

    I have set up MySql to use SSL (I think).
    I generated certs and modified the mysql start-up file to use the certs. When I open the local Workbench it shows SSL is enable and shows the certs.

    however, i can connect to the MySQL DB that is supposed to have SSL enabled from a client running workbench without setting up workbench to use the SSL certs

    i should be denied access to the remote DB that has SSL enabled.

    am i missing something?

    thanks

  2. #2
    Join Date
    Jun 2012
    Posts
    18
    Hi Stanj,

    In fact even you enabled the ssl on the server, you can connect without ssl
    if you connect with an user without the option 'Require SSL'.

    You have to set the option like this :
    Code:
    GRANT SELECT ON dbname.* TO 'username'@'%' REQUIRE SSL;
    FLUSH PRIVILEGES;
    When you will connect with the user 'username', you have to use the SSL certs.

    If the connection is using SSL, This command
    Code:
    mysql -uusername -ppassword --ssl-ca=/../cacert.pem --ssl-cert=/../clientcert.pem --ssl-key=/../clientkey.pem -e '\s'
    will show you something like that :
    Code:
    ...
    Current user:         username@localhost
    SSL:                    Cipher in use is DHE-RSA-AES256-SHA
    ...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •