Version sans cache
Mise en cache désactivé. Réglage défaut pour cette page : actif (code DEF204)Si l'affichage est trop lent, vous pouvez désactiver le mode utilisateur pour visualiser la version en cache.
Rechercher dans le manuel MySQL
28.7.7.77 mysql_ssl_set()
bool mysql_ssl_set(MYSQL *mysql, const char *key, const
char *cert, const char *ca, const char *capath, const char
*cipher)
Description
mysql_ssl_set() is used for
establishing encrypted connections using SSL. The
mysql argument must be a valid connection
handler. Any unused SSL arguments may be given as
NULL.
If used, mysql_ssl_set() must
be called before
mysql_real_connect().
mysql_ssl_set() does nothing
unless SSL support is enabled in the client library.
It is optional to call
mysql_ssl_set() to obtain an
encrypted connection because by default, MySQL programs
attempt to connect using encryption if the server supports
encrypted connections, falling back to an unencrypted
connection if an encrypted connection cannot be established
(see Section 6.3.1, “Configuring MySQL to Use Encrypted Connections”).
mysql_ssl_set() may be useful
to applications that must specify particular certificate and
key files, encryption ciphers, and so forth.
mysql_ssl_set() specifies SSL
information such as certificate and key files for establishing
an encrypted connection if such connections are available, but
does not enforce any requirement that the connection obtained
be encrypted. To require an encrypted connection, use the
technique described in
Section 28.7.22, “C API Encrypted Connection Support”.
For additional security relative to that provided by the default encryption, clients can supply a CA certificate matching the one used by the server and enable host name identity verification. In this way, the server and client place their trust in the same CA certificate and the client verifies that the host to which it connected is the one intended. For details, see Section 28.7.22, “C API Encrypted Connection Support”.
mysql_ssl_set() is a
convenience function that is essentially equivalent to this
set of mysql_options() calls:
mysql_options(mysql, MYSQL_OPT_SSL_KEY, key);
mysql_options(mysql, MYSQL_OPT_SSL_CERT, cert);
mysql_options(mysql, MYSQL_OPT_SSL_CA, ca);
mysql_options(mysql, MYSQL_OPT_SSL_CAPATH, capath);
mysql_options(mysql, MYSQL_OPT_SSL_CIPHER, cipher);
Because of that equivalence, applications can, instead of
calling mysql_ssl_set(), call
mysql_options() directly,
omitting calls for those options for which the option value is
NULL. Moreover,
mysql_options() offers
encrypted-connection options not available using
mysql_ssl_set(), such as
MYSQL_OPT_SSL_MODE to specify the security
state of the connection, and
MYSQL_OPT_TLS_VERSION to specify the
protocols the client permits for encrypted connections.
Arguments:
mysql: The connection handler returned frommysql_init().key: The path name of the client private key file.cert: The path name of the client public key certificate file.ca: The path name of the Certificate Authority (CA) certificate file. This option, if used, must specify the same certificate used by the server.capath: The path name of the directory that contains trusted SSL CA certificate files.cipher: The list of permissible ciphers for SSL encryption.
This function always returns 0. If SSL
setup is incorrect, a subsequent
mysql_real_connect() call
returns an error when you attempt to connect.
Traduction non disponible
Le manuel MySQL n'est pas encore traduit en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.
Document créé le 26/06/2006, dernière modification le 26/10/2018
Source du document imprimé : https://www.gaudry.be/mysql-rf-mysql-ssl-set.html
L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.
Références
Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.
