List:MySQL++« Previous MessageNext Message »
From:Edward Diener Date:December 15 2008 3:25pm
Subject:Re: SSL connections
View as plain text  
Warren Young wrote:
> On Dec 13, 2008, at 3:17 PM, Edward Diener wrote:
> 
>> How do I make a SSL connection using mysql++ ? I did not see any 
>> mention of SSL in the mysql++ documentation but maybe I just missed it.
> 
> It's been discussed on the list before.

I could not get to http://tangentsoft.net/mysql++/ the day before
yesterday, so I got a little impatient and posted the question before
searching the list.

> 
> You need to pass a mysqlpp::SslOption object to Connection::set_option().

OK, I see it. I think the paremeters to constructing an SslOption should
be documented, or at least you should point the programmer to the the
MySql Manual 22.2.3.67 where mysql_ssl_set has the explanation.

I am glad at least to know it is supported by mysql++.

> 
> I suspect you're building for Windows?  If so, beware that we've seen 
> problems getting this to work on Windows, confirmed by the comments here:
> 
> http://dev.mysql.com/doc/refman/5.0/en/secure-basics.html

Yes, I am building for Windows.

I have looked at the comments.

> 
> There are further comments in that thread on building a MySQL with SSL 
> awareness.
> 
> The comments on that page are from 2003, but the failure reports on this 
> list are much more recent, so for all I know, this is still the case.  
> If not, let us know so we can stop warning people. :)

I will try it out, but there is no real reason why it should not work in
mysql++ if it works using the lower level MySql C Api.

> 
>> How does this translate to mysql++ ?
> 
> All of the parameters mentioned in the MySQL documentation are 
> parameters to the SslOption object's ctor.

I will figure it out.

> 
>> Once an SSL connection is made does data automatically get 
>> encrypted/decrypted between the client and the server or is there 
>> something I must do on the client to encrypt data before sending it to 
>> the server and decrypt data before receiving it from the server ?
> 
> The whole point of SSL is that it's an encrypted channel for an 
> arbitrary TCP connection.  That's why they renamed it TLS: Transport 
> Layer (i.e. TCP) Security.

I assume this means that encryption/decryption is done automatically.

I will read section 5.5.7 of how to set it up, since that is not your
problem, and will ask in the appropriate NGs/Forums if I run into any
problems in setting things up or understanding SSL or X509.

Thread
SSL connectionsEdward Diener13 Dec
  • Re: SSL connectionsWarren Young14 Dec
    • Re: SSL connectionsEdward Diener15 Dec