Howdy,
I've read through all of the MySQL docs on SSL and I just need a brief
overview of a few things to understand some things that aren't crystal
clear to me since I'm not very familiar with SSL.
1) Which SSL options are *required*?
It seems that only ssl-key is _always_ required for the client to
connect to the server. If REQUIRE X509 is set, then ssl-cert is
required as well in order to authenticate who the actual client is,
right?
2) The options I don't understand are ssl-ca/ssl-capath. Why would the
client specify a certificate authority? Is this the authority (or
authorities) that's used to authenticate the server's certificate? Is
there a platform default for this value? I'm not used to having to
specify a list of authorities for other programs to validate
certificates (such as with email).
3) How does I know if the server/client authentication (validating the
certificate against given authorities) failed? Do I just get a vague
"SSL connection error" back from MySQL and that's it?
I think that's mostly it.
Thanks,
--
Seth Willits
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org
