Connecting using SSL
By default, MySQL uses unencrypted connections between the client and the server. Using SSL, all communication between the server and client can be fully encrypted for security.
To create a secure connection:
- CA Cert file: Set this to the file path for the file containing the certificate of the certificate authority for the server. Specifying this will verify the server. This is optional in 5.0.40 and later.
- Client cert file: This is a path to a file containing the client’s certificate, which contains the public key.
- Client key file: This is a path to a file containing the client’s private key.
- Cipher: To set which encryption algorithms and key lengths are acceptable for the connection, set the Cipher value to an appropriate name (such as AES128-SHA) or list of names, separated by colons. If the server and client cannot agree on a cipher, no connection will be made.
For more details about how SSL works with MySQL, see the MySQL documentation.