Hello!
Can I connect to MySQL 5.0 using SSL? If it is possible how can I do it?
I use Zeos 6.6.0 and MySQL 5.0
[bug_fixed] SSL connection to MySQL
Moderators: gto, cipto_kh, EgonHugeist, mdaems
-
mdaems
- Zeos Project Manager
- Posts: 2766
- Joined: 20.09.2005, 15:28
- Location: Brussels, Belgium
- Contact:
No, you can't use SSL using Zeoslib now. It would not be too dificult to implement however. Unfortunately I don't have any SSL experience, so testing it would not work.
What has to be done:
- Add SSL_Set to IZMySQLPlainDriver and Driver implementations (ZPlainMySqlDriver.pas)
- Call FPlainDriver.SSL_Set before FPlainDriver.RealConnect in procedure TZMySQLConnection.Open (ZDbcMySql.pas).
The patchs to certificates could be provided by adding values to the Properties field of the TZConnection component.
If you feel like testing (or can teach me how to make a SSL mysql connection on windows with mysql.exe and mysqld.exe) I want to work together with you on this.
Mark
What has to be done:
- Add SSL_Set to IZMySQLPlainDriver and Driver implementations (ZPlainMySqlDriver.pas)
- Call FPlainDriver.SSL_Set before FPlainDriver.RealConnect in procedure TZMySQLConnection.Open (ZDbcMySql.pas).
The patchs to certificates could be provided by adding values to the Properties field of the TZConnection component.
If you feel like testing (or can teach me how to make a SSL mysql connection on windows with mysql.exe and mysqld.exe) I want to work together with you on this.
Mark
-
mdaems
- Zeos Project Manager
- Posts: 2766
- Joined: 20.09.2005, 15:28
- Location: Brussels, Belgium
- Contact:
Hi Sohei,
I just got curious about this ssl thing. Started studying and saw that it just takes about 30 lines of code to add support foor SSL connections.
I also managed to set up mysql so that it accepts SSL. Which means : it's done. (I hope)
I committed my patch in Zeos testing branch (REV 240). I'll build a snapshot in a few minutes. You'll find it at http://zeosdownloads.firmos.at/downloads/snapshots
Please test and let me know if that was what you were looking for.
How to use?
Just add some property strings to your connection:
You can check if SSL is used by running this query:
If Ssl_cipher is set to a non-empty value you should have a good SSL connection.
Mark
I just got curious about this ssl thing. Started studying and saw that it just takes about 30 lines of code to add support foor SSL connections.
I also managed to set up mysql so that it accepts SSL. Which means : it's done. (I hope)
I committed my patch in Zeos testing branch (REV 240). I'll build a snapshot in a few minutes. You'll find it at http://zeosdownloads.firmos.at/downloads/snapshots
Please test and let me know if that was what you were looking for.
How to use?
Just add some property strings to your connection:
Code: Select all
object ZConnection1: TZConnection
Protocol = 'mysql-5'
HostName = 'localhost'
Database = 'zeoslib'
User = 'root'
Password = 'XXXX'
Properties.Strings = (
'MYSQL_SSL=TRUE'
'MYSQL_SSL_CA=D:/mysql/certs/ca-cert.pem'
'MYSQL_SSL_CERT=D:/mysql/certs/client-cert.pem'
'MYSQL_SSL_KEY=D:/mysql/certs/client-key.pem')
Left = 40
Top = 40
end
Code: Select all
show status like 'Ssl_C%'Mark
-
mdaems
- Zeos Project Manager
- Posts: 2766
- Joined: 20.09.2005, 15:28
- Location: Brussels, Belgium
- Contact:
Sorry Zippo,
I would have to reread this again :
http://dev.mysql.com/doc/refman/5.1/en/ ... tions.html
It's not I don't want to, but it's almost a year ago I did it. And I don't remember much about it. I do know it was the mysql help that just about told me everything I needed. So you really better read that yourself. If you run into problems, just contact me again with the exact problem, maybe we can solve it together.
My most important advice : test it using the mysql console first. That's the easiest way to make sure it works (eg. correct client certificates) before you start using it together with zeoslib.
Mark
I would have to reread this again :
http://dev.mysql.com/doc/refman/5.1/en/ ... tions.html
It's not I don't want to, but it's almost a year ago I did it. And I don't remember much about it. I do know it was the mysql help that just about told me everything I needed. So you really better read that yourself. If you run into problems, just contact me again with the exact problem, maybe we can solve it together.
My most important advice : test it using the mysql console first. That's the easiest way to make sure it works (eg. correct client certificates) before you start using it together with zeoslib.
Mark
