More and more people are requesting how they could connect to MySQL without using a password but using a SSL certificate. Known as X509.
A CA certificate is a digital certificate issued by a certificate authority (CA). It’s used by clients to verify the SSL certificates sign by this CA.
Such certificates is usually paid and needs to be manually installed with MySQL Server. But by default, MySQL generates a self-signed certificate and provides its own CA.
For obvious reason, I will use the certificates that have been auto-generated by MySQL on my system. However, for production, I encourage you to have a real CA signed certificate.
The CA certificate is called ca.pem and is
located in MySQL’s datadir (
Oracle Linux, RHEL, Fedora, CentOS, …).
In case you don’t know where your ca.pem is located, you can …[Read more]