(mysql.info.gz) SSL options
Info Catalog
(mysql.info.gz) Secure GRANT
(mysql.info.gz) Secure connections
(mysql.info.gz) Windows and SSH
5.6.7.5 SSL Command-Line Options
................................
The following list describes options that are used for specifying the
use of SSL, certificate files, and key files. These options are
available beginning with MySQL 4.0. They may be given on the command
line or in an option file.
`--ssl'
For the server, this option specifies that the server allows SSL
connections. For a client program, it allows the client to
connect to the server using SSL. This option is not sufficient in
itself to cause an SSL connection to be used. You must also
specify the `--ssl-ca', `--ssl-cert', and `--ssl-key' options.
This option is more often used in its opposite form to indicate
that SSL should _not_ be used. To do this, specify the option as
`--skip-ssl' or `--ssl=0'.
Note that use of `--ssl' doesn't _require_ an SSL connection. For
example, if the server or client is compiled without SSL support,
a normal unencrypted connection will be used.
The secure way to ensure that an SSL connection will be used is to
create an account on the server that includes a `REQUIRE SSL'
clause in the `GRANT' statement. Then use this account to connect
to the server, with both a server and client that have SSL support
enabled.
`--ssl-ca=FILE_NAME'
The path to a file with a list of trusted SSL CAs.
`--ssl-capath=DIRECTORY_NAME'
The path to a directory that contains trusted SSL CA certificates
in pem format.
`--ssl-cert=FILE_NAME'
The name of the SSL certificate file to use for establishing a
secure connection.
`--ssl-cipher=CIPHER_LIST'
A list of allowable ciphers to use for SSL encryption.
CIPHER_LIST has the same format as the `openssl ciphers' command.
Example: `--ssl-cipher=ALL:-AES:-EXP'
`--ssl-key=FILE_NAME'
The name of the SSL key file to use for establishing a secure
connection.
Info Catalog
(mysql.info.gz) Secure GRANT
(mysql.info.gz) Secure connections
(mysql.info.gz) Windows and SSH
automatically generated byinfo2html