Hello, is there a way to connect to MySQL with enc...
# gd-beginners
Hello, is there a way to connect to MySQL with encryption (i.e. using SSL certificates)? When I was adding the MySQL data source I didn’t see this capability. I tried looking at the documentation but didn’t see anything either
Hi Michael, when you setting up a MySQL datasource connection you are able to set SSL encryption mode (prefer/require/verify-full). But you are right, we don't have this documented.
@Andrey Skripnikov are we able to get some additional info / doc on this please?
If I select
verify full
, it doesn’t give me the option to add the SSL certs somewhere though?
Hi @Boris, do you have any information on where the SSL certs can be added? thank you
Hi Michael, Andrey from the GoodData’s Product Team here. You surely can connect to the MySQL databases with SSL encryption. We have three modes supported:
. By default we are using the maximum security
mode. It uses SSL connection and verifies if the certificate was signed by a trusted CA as well as if the server hostname match with the hostname stored in server certificate. You can also use the self-signed certificate, but it will only allow to use
encryption mode that only secures the connection, but doesn’t enforce data encryption. We don’t allow self-service certificate upload. It can only be done through the customer support for our paying customers. Hope it helps!
@Andrey Skripnikov Thank you for the information. We’re going to be a paying customer on the Growth plan. Will that allow us to send a client private key, client certificate, and server CA to customer support for the connection then?
(we use Google Cloud SQL and for SSL connections, I believe it is required for us to do it this way)
For example, when we use another product, Retool, to make our MySQL database connection, we have this:
Hi Michael. Unfortunately, we do not support specifying CA certificate nor client key and client cert for authorization. Please use username and password and based on used CA, please use proper setting - verify-full or require.