my_bool mysql_ssl_set(MYSQL *mysql, const char *key,
const char *cert, const char *ca, const char *capath, const char
It is not necessary to call
mysql_ssl_set() to obtain a
secure connection because MySQL programs attempt to connect
securely by default if the server supports secure connections
(see Section 6.4.1, “Configuring MySQL to Use Secure Connections”).
mysql_options(mysql, MYSQL_OPT_SSL_KEY, key); mysql_options(mysql, MYSQL_OPT_SSL_CERT, cert); mysql_options(mysql, MYSQL_OPT_SSL_CA, ca); mysql_options(mysql, MYSQL_OPT_SSL_CAPATH, capath); mysql_options(mysql, MYSQL_OPT_SSL_CIPHER, cipher);
Applications can call
mysql_options() directly, and
can omit those calls for which the option value is
NULL. In addition,
secure-connection options that
mysql_ssl_set() does not, such
MYSQL_OPT_SSL_MODE to specify the
security state of the connection.
mysql_ssl_set() does nothing
unless SSL support is enabled in the client library.
mysql: The connection handler returned from
key: The path name to the key file
cert: The path name to the certificate file
ca: The path name to the certificate authority file
capath: The path name to a directory that contains trusted SSL CA certificates in PEM format
cipher: A list of permissible ciphers to use for SSL encryption
mysql argument must be a valid
connection handler. Any unused SSL arguments may be given as
This function always returns
0. If SSL
setup is incorrect, a subsequent
returns an error when you attempt to connect.
mysql_ssl_set() specifies SSL
information such as certificate and key files for establishing
a secure connection if such connections are available, but
does not enforce any requirement that the connection obtained
be secure. To require an encrypted connection, the standard
MySQL client programs use the following technique, which can
also be used by third-party applications:
--ssl-mode=REQUIREDcommand-line option was specified, turn on SSL by calling
mysql_ssl_set()to supply the appropriate SSL values. In addition, call
mysql_options(), passing the
MYSQL_OPT_SSL_MODEoption with a value of
SSL_MODE_REQUIRED. If the
mysql_options()call fails, exit with an error.
mysql_real_connect()to connect to the server. The call fails if an encrypted connection cannot be obtained.