ODBC Driver for MySQL

SSL Connection to MySQL via ODBC Driver

SSL (Secure Sockets Layer) is the protocol for secure access to remote computers over insecure communication channels.

The SSL protocol runs above TCP/IP and below higher-level database protocol. It uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection.

These capabilities address fundamental concerns about communication over the Internet and other TCP/IP networks:

SSL is based on algorithms of asymmetric encryption and digital signature. Consult MySQL Reference Manual for information about how to enable SSL support for MySQL server and generate certificates .

Note:

Usage of SSL is more preferable for MySQL connections than SSH because of less required settings and higher performance.

How to connect to MySQL using SSL

To use SSL encryption for connection to MySQL, the corresponding SSL connection options should be set:

SSLConnection

SSL Options Description

Option

Description

Use SSL

Enables SSL connections to MySQL. The default value is False.

CA Certificate

Holds the pathname to the certificate authority file.

Certificate

Holds the pathname to the certificate file.

Key

Holds the pathname to the key file.

Ignore Server Certificate Validity

Specifies whether the server certificate validity period will be checked during a handshake when starting a new TLS/SSL session. The default value is True.

Ignore Server Certificate Constraints

Specifies whether the server certificate will be verified for compliance with constraints during a handshake when starting a new TLS/SSL session. The default value is True.

Trust Server Certificate

Specifies whether the server certificate will be verified during a handshake when starting a new TLS/SSL session. The default value is False.

Ignore Server Certificate Insecurity

Specifies whether the server certificate signature security will be checked during a handshake when starting a new TLS/SSL session. The default value is False.

Example Connection String

User ID=root;Password=root;Server=db;Port=3307;Database=test;Use SSL=true;SSL CACert=c:\cacert.pem;SSL Cert=c:\client-cert.pem;SSL Key=c:\client-key.pem;

© 2015-2020 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback