About
What is Sender authentication ? (Public Key Authentication based, Certificate-based in Cryptography) and SSL - Handshake (Negociation) with MySql
The client is below the mysql cli but it can be another implementation.
For the authentication:
- You have the private key private of the client You need to keep it private.
- The MySQL Server has the public key of the client
Articles Related
Example
mysql \
-u root \
-p password \
-h hostIPorName \
--ssl-ca=server-ca.pem \
--ssl-cert=client-cert.pem \
--ssl-key=client-key.pem
where:
- ssl-ca is the certificate of the CA to check the certificate of the MySQL server - file in PEM format - ie it override the trusted CA certificates
- ssl-cert is the certificate of the client - the mySql server may require it - X509 cert in PEM format.
- ssl-key is the private key of the client - X509 key in PEM format (if the public key authentication is mandatory)