(mysql.info) secure-using-yassl
Info Catalog
(mysql.info) secure-using-openssl
(mysql.info) secure-connections
(mysql.info) secure-create-certs
5.9.7.3 Using SSL Connections with yaSSL
........................................
Using MySQL's built-in yaSSL support makes it easier to use secure
connections. You don't have to install OpenSSL and perform the other
steps described in secure-using-openssl. Also, both MySQL and
yaSSL employ the same licensing model.
Currently, yaSSL support is available for these platforms:
* Linux/x86-64 Red Hat Enterprise 3.0
* Linux RHAS21 Itanium-2 with gcc, statically linked
* Linux Itanium-2 with gcc
* Windows (all builds)
To enable yaSSL when building MySQL from source, you should configure
MySQL like this:
shell> ./configure --with-yassl
Note that yaSSL support on Unix platforms requires that either
`/dev/urandom' or `/dev/random' be installed to retrieve true random
numbers. For additional information (especially regarding yaSSL on
Solaris versions prior to 2.8 and HP-UX), see Bug #13164
(http://bugs.mysql.com/13164).
To start the MySQL server with yaSSL support, use the same options as
with OpenSSL support and identify the certificates needed to establish
a secure connection:
shell> mysqld --ssl-ca=CACERT.PEM \
--ssl-cert=SERVER-CERT.PEM \
--ssl-key=SERVER-KEY.PEM
* -ssl-ca identifies the Certificate Authority certificate.
* -ssl-cert identifies the server certificate.
* -ssl-key identifies the client certificate.
To establish a secure connection to a MySQL server with yaSSL support,
start a client like this:
shell> mysql --ssl-ca=CACERT.PEM \
--ssl-cert=SERVER-CERT.PEM \
--ssl-key=SERVER-KEY.PEM
In other words, the options are the same as for the server, and the
Certificate Authority certificate has to be the same.
To establish a secure connection from an application program, use the
`mysql_ssl_set()' API function to set the appropriate certificate
options, before calling `mysql_real_connect()'. See
mysql-ssl-set.
Info Catalog
(mysql.info) secure-using-openssl
(mysql.info) secure-connections
(mysql.info) secure-create-certs
automatically generated byinfo2html