MySQL Reference Manual for version 4.0.18.

[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

5.5.9.5 SSL Command-line Options

The following table lists options that are used for specifying the use of SSL, certificate files, and key files. These options are available beginning with MySQL 4.0. They may be given on the command line or in option files.

--ssl
For the server, specifies that the server allows SSL connections. For a client program, allows the client to connect to the server using SSL. This option itself is not sufficient to cause an SSL connection to be used. You must also specify the --ssl-ca, --ssl-cert, and --ssl-key options.

Note that this option doesn't require an SSL connection. For example, if the server or client are compiled without SSL support, a normal unencrypted connection will be used.

The secure way to ensure that a SSL connection will be used is to create an account on the server that includes a REQUIRE SSL clause in the GRANT statement. Then use this account to connect to the server, with both a server and client that have SSL support enabled.

You can use this option to indicate that the connection should not use SSL. Do this by specifying the option as --skip-ssl or --ssl=0.

--ssl-ca=file_name
The path to a file with a list of trusted SSL CAs.

--ssl-capath=directory_name
The path to a directory that contains trusted SSL CA certificates in pem format.

--ssl-cert=file_name
The name of the SSL certificate file to use used for establishing a secure connection.

--ssl-cipher=cipher_list
A list of allowable ciphers to use for SSL encryption. cipher_list has the same format as the openssl ciphers command.

Example: --ssl-cipher=ALL:-AES:-EXP

--ssl-key=file_name
The name of the SSL key file to use used for establishing a secure connection.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

This document was generated by rdg (Feb 25 2004) using texi2html