Documentation Home
MySQL 5.7 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 37.9Mb
PDF (A4) - 37.9Mb
PDF (RPM) - 37.3Mb
HTML Download (TGZ) - 10.2Mb
HTML Download (Zip) - 10.3Mb
HTML Download (RPM) - 8.9Mb
Man Pages (TGZ) - 214.6Kb
Man Pages (Zip) - 327.6Kb
Info (Gzip) - 3.4Mb
Info (Zip) - 3.4Mb
Excerpts from this Manual

27.8.7.73 mysql_ssl_set()

my_bool mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert, const char *ca, const char *capath, const char *cipher)

Description

mysql_ssl_set() is used for establishing secure connections using SSL. It must be called before mysql_real_connect().

mysql_ssl_set() does nothing unless SSL support is enabled in the client library.

Arguments:

  • mysql: The connection handler returned from mysql_init().

  • key: The path name to the key file

  • cert: The path name to the certificate file

  • ca: The path name to the certificate authority file

  • capath: The path name to a directory that contains trusted SSL CA certificates in PEM format

  • cipher: A list of permissible ciphers to use for SSL encryption

The mysql argument must be a valid connection handler. Any unused SSL arguments may be given as NULL.

Return Values

This function always returns 0. If SSL setup is incorrect, a subsequent mysql_real_connect() call returns an error when you attempt to connect.

Enforcing an Encrypted Connection

mysql_ssl_set() specifies SSL information such as certificate and key files for establishing a secure connection if such connections are available, but does not enforce any requirement that the connection obtained be secure. To require an encrypted connection, the standard MySQL client programs use the following technique, which can also be used by third-party applications:

  1. If the --ssl-mode=REQUIRED command-line option was specified, turn on SSL by calling mysql_ssl_set() to supply the appropriate SSL values. In addition, call mysql_options(), passing the MYSQL_OPT_SSL_MODE option with a value of SSL_MODE_REQUIRED. If the mysql_options() call fails, exit with an error.

  2. Call mysql_real_connect() to connect to the server. The call fails if an encrypted connection cannot be obtained.


User Comments
Sign Up Login You must be logged in to post a comment.