MySQL: DB connection with SSL and keystores
Create Client pkcs#12
openssl pkcs12 -export -in /etc/mysql/certs/client-cert.pem -inkey /etc/mysql/certs/client-key.pem -certfile /etc/mysql/certs/ca-cert.pem -out /tmp/client-keystore.p12 -name mysqlclient -passout pass:changeit
Create Trusstore PKCS
keytool -import -trustcacerts -file /etc/mysql/certs/ca-cert.pem -alias mysqlserver -keystore /tmp/mysql-truststore.p12 -storetype PKCS12 -storepass changeit -noprompt
JDBC URL:
jdbc:mysql://mysql-pmmdevdb601.gcp.tmw.com:3306/pmmdvlp?useSSL=true&requireSSL=true&verifyServerCertificate=true&clientCertificateKeyStoreUrl=file:/tmp/client-keystore.p12&clientCertificateKeyStorePassword=changeit&clientCertificateKeyStoreType=PKCS12&trustCertificateKeyStoreUrl=file:/tmp/mysql-truststore.p12&trustCertificateKeyStorePassword=changeit&trustCertificateKeyStoreType=PKCS12
jdbc:mysql://mysql-pmmdevdb601.gcp.tmw.com:3306/pmmdvlp?useSSL=true&requireSSL=true&verifyServerCertificate=true&clientCertificateKeyStoreUrl=file:/tmp/client-keystore.p12&clientCertificateKeyStorePassword=changeit&clientCertificateKeyStoreType=PKCS12&trustCertificateKeyStoreUrl=file:/tmp/mysql-truststore.p12&trustCertificateKeyStorePassword=changeit&trustCertificateKeyStoreType=PKCS12
Comments
Post a Comment