Documentation Home
MySQL 5.7 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 38.0Mb
PDF (A4) - 38.0Mb
PDF (RPM) - 37.3Mb
HTML Download (TGZ) - 10.2Mb
HTML Download (Zip) - 10.2Mb
HTML Download (RPM) - 8.9Mb
Man Pages (TGZ) - 216.6Kb
Man Pages (Zip) - 329.3Kb
Info (Gzip) - 3.5Mb
Info (Zip) - 3.5Mb
Excerpts from this Manual

27.8.7.73 mysql_ssl_set()

my_bool mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert, const char *ca, const char *capath, const char *cipher)

Description

mysql_ssl_set() is used for establishing encrypted connections using SSL. The mysql argument must be a valid connection handler. Any unused SSL arguments may be given as NULL.

If used, mysql_ssl_set() must be called before mysql_real_connect(). mysql_ssl_set() does nothing unless SSL support is enabled in the client library.

It is optional to call mysql_ssl_set() to obtain an encrypted connection because by default, MySQL programs attempt to connect using encryption if the server supports encrypted connections, falling back to an unencrypted connection if an encrypted connection cannot be established (see Section 6.4.1, “Configuring MySQL to Use Encrypted Connections”). mysql_ssl_set() may be useful to applications that must specify particular certificate and key files, encryption ciphers, and so forth.

mysql_ssl_set() specifies SSL information such as certificate and key files for establishing an encrypted connection if such connections are available, but does not enforce any requirement that the connection obtained be encrypted. To require an encrypted connection, use the technique described in Section 27.8.15, “C API Encrypted Connection Support”.

mysql_ssl_set() is a convenience function that is essentially equivalent to this set of mysql_options() calls:

mysql_options(mysql, MYSQL_OPT_SSL_KEY,    key);
mysql_options(mysql, MYSQL_OPT_SSL_CERT,   cert);
mysql_options(mysql, MYSQL_OPT_SSL_CA,     ca);
mysql_options(mysql, MYSQL_OPT_SSL_CAPATH, capath);
mysql_options(mysql, MYSQL_OPT_SSL_CIPHER, cipher);

Because of that equivalence, applications can, instead of calling mysql_ssl_set(), call mysql_options() directly, omitting calls for those options for which the option value is NULL. Moreover, mysql_options() offers encrypted-connection options not available using mysql_ssl_set(), such as MYSQL_OPT_SSL_MODE to specify the security state of the connection, and MYSQL_OPT_TLS_VERSION to specify the protocols permitted by the client for encrypted connections.

Arguments:

  • mysql: The connection handler returned from mysql_init().

  • key: The path name to the key file

  • cert: The path name to the certificate file

  • ca: The path name to the certificate authority file

  • capath: The path name to a directory that contains trusted SSL CA certificates in PEM format

  • cipher: A list of permissible ciphers to use for SSL encryption

Return Values

This function always returns 0. If SSL setup is incorrect, a subsequent mysql_real_connect() call returns an error when you attempt to connect.


User Comments
Sign Up Login You must be logged in to post a comment.