Buy Percona ServicesBuy Now!

MySQL connection using SSL… or not ?

 | February 23, 2016 |  Posted In: MySQL


MySQL connection using SSLIn this blog post, we’ll discuss how we can determine if a MySQL connection is using SSL.

Since MySQL 5.7.5 the server generates SSL certificates (see auto_generate_certs) by default if compiled with SSL, or uses mysql_ssl_rsa_setup if compiled with YaSSL.

But how can we check to see if our MySQL client connection uses SSL ?

When using an interactive client, it’s easy! You have two options:

1. Check the status(s):

As you can see, for that connection, we are indeed using SSL: SSL: Cipher in use is DHE-RSA-AES256-SHA

2. Use the status variables Ssl_version  and Ssl_cipher:

But is there a way to verify this on all the connections? For example, if we have some applications connected to our database server, how do we verify which connections are using SSL and which are not?

Yes there is solution: Performance_Schema!

This is how:

That’s it. Isn’t that easy? 😉

Frederic Descamps

Frédéric joined Percona in June 2011, he is an experienced Open Source consultant with expertise in infrastructure projects as well in development tracks and database administration. Frédéric is a believer of devops culture.


Comments are closed