MariaDB SQL over SSL/TLS
Вставка
- Опубліковано 9 січ 2021
- If you're accessing a MariaDB or MySQL server remotely, you should set up SSL/TLS encryption to secure the traffic. Join me as I configure a MariaDB server to serve over TLS, then set up a MariaDB client and a PHP PDO application to access the server over TLS.
The commands I used in this video can be found in text form here: nerdonthestreet.com/wiki?find...
---
Join the Nerd Club: nerdclub.nots.co
Official website: nerdonthestreet.com
Discord server: discord.nots.co
Subreddit: / nerdonthestreet
Facebook page: / nerdonthestreet
Twitter feed: / nots_network
E-Mail: jacob@nerdonthestreet.com - Наука та технологія
This is the most fantastic video I think I've ever set my eyes on. Not only did you explain from start to finish, you explained plenty of niche things to look out for that normally actually did hang me up for a long time without your video. You are fantastic
Fantastic presentation. Well done. Really appreciate the demo of showing how to use SSL with PHP & PDO drivers. This will save me hours of research on my own.
Great tutorial. I probably won't be doing this soon, but it did give me some ideas. As I'm only getting services/servers to run on my local network I have a local DNS that gives out domain names to my machines, but those running on SSL are self-signed for obvious reasons and browsers keep giving me the certificate warnings and in some instances, like testing out a local BigBlueButton server which requires SSL and WebRTC to work needs a signed certificate from a trusted authority, so I hit a brick wall there.
The part where you demonstrated on how to get the server to act like a certificate authority for the MariaDB client gave me the idea to make a dedicated CA server for the local domains, so thank you!
Great video. For those using MySQL 8, notice that it comes with certs out-of-the-box. Also you can use mysql_ssl_rsa_setup to generate certs without all the hassle.
Seriously GREAT content. TYSM!
Great explanation. Very clear and well presented.
Absolutely like this video. Explained every bit of it. Nice one. I would recommend explaining a bit more on how a client uses its certificate to talk to mariadb server on SSL to have a better understanding. Thanks for this great video again. Subscribing ur channel for more videos.
Good example, thanks for sharing this practical case.
Very well done!! Thank you!
Dude you're a life saver, Ty!
Brilliant explanations of many things. Thanks!
Subscribed - thank you! Great video!
Man you are genius..i was looking for so many other videos but yours just awesome..kudos I have become a fan
It would be interesting to know how to do this with Dockerized MariaDB servers. Good video, great pace and speaking style.
Thanks! very informative video. and actual solution.
Imper clear!! Thk u
Great tutorial, I am getting "Error: SQLSTATE[HY000] [2002]" trying to use PDO, everything works because I can connect to the database using workbench with the same PEM files.
Thank you .
CAn we only make one way ssl secure that is the application is using the public cert i.e ca-cert.pem and connect to mariadb over ssl
You are smart now.
I am not sure what to call you
Bro or Uncle?
How about docker?
The only valid point made in this video is that St Louis is better than Denver.
Hey, thank you for this great tutorial. I am trying to set up a database server on Ubuntu 20.04 with mariadb and do get the following error message when trying to connect: 'ERROR 2026 (HY000): SSL connection error: The certificate is NOT trusted. The name in the certificate does not match the expected. ' I've repeated all steps several times now, ensuring every command is correct. I didn't change anything else regarding server or client configuration, it is a clean installation. I did use different common names in each file and so on. I also tried concatinating the server-cert and client-cert. Any idea/solution to this?
Also running into this issue... Looks like not much support on the topic on Google. Did you figure this out?
Hey NOS. Thanks, for this. I have tried using the 'openssl rsa -in ./server-key.pem -out ./server-key-rsa.pem' command but I don't get the 'BEGIN RSA PRIVATE KEY' statement. Please help. I'm using Jammy.