Skip to main content
Feedback

MySQL SSL connection

Secure Socket Layer (SSL) is a cryptographic protocol used to establish a secure connection between a client and a server over the Internet. It ensures that data transmitted between the client and server remains encrypted and protected from unauthorized access.

You can connect to a MySQL database hosted on Amazon RDS/Aurora and Google Cloud SQL using SSL.

Connecting to Amazon RDS/Aurora

info

Ensure that you have an Amazon Web Services (AWS) account with the appropriate permissions to manage Amazon RDS or Aurora instances.

Step 1: configure a parameter group

To enable SSL connections to your Amazon RDS/Aurora instance, you must configure the Parameter group associated with the instance.

  1. In the AWS Management console, navigate to the "Amazon RDS/Aurora" dashboard.
  2. Click Parameter Groups in the navigation menu.
  3. To modify the RDS instance's parameter group, select you database.
  4. To enable SSL connections, you can create a new parameter group or modify an existing one. Ensure that the parameter group belongs to the MySQL family, and set the following parameter: Parameter: rds.force_ssl Value: 1 By setting this parameter to 1, SSL connections are enforced.
  5. Navigate to the Configuration tab within the MySQL instance database.
  6. Ensure that your database instance parameter group is synchronized with your database. If not, access the modify page, scroll down, and in the Additional Configuration section, find and select your database.

Step 2: Download SSL certificate

To establish an SSL connection to Amazon RDS/Aurora, you need an SSL certificate.

  1. In the AWS Management console, navigate to the Amazon RDS/Aurora dashboard.
  2. Choose the MySQL instance you want to work with.
  3. Find the relevant certificate bundle for your region within the Amazon RDS documentation.
  4. Download the SSL certificate by clicking on the provided link next to it.
  5. Save the downloaded certificate file (for example, us-east-2-bundle.pem) to a secure location.

Step 3: Connect to MySQL in Data Integration using SSL

Now that you have the SSL certificate and the security group is configured correctly, you can establish an SSL connection to your Amazon RDS/Aurora MySQL instance.

  1. Enter a Connection Name.
  2. Select the SSL Options tab.
  3. To use SSL authentication with Amazon RDS, you must choose either the Verify-CA or Verify-Identity mode.
  4. Drag and drop the downloaded SSL certificate onto the CA Certification label.

Connecting to Google Cloud SQL

info

Ensure that you have a Google Cloud Platform (GCP) account with the appropriate permissions to manage Cloud SQL instances.

Step 1: Download the client certificates

To establish an SSL connection to Google Cloud SQL, you must download the client certificate.

  1. In the GCP console, navigate to the SQL instances page.
  2. Select your MySQL instance.
  3. In the left navigation menu, click on Connections.
  4. Click the Security tab.
  5. Select the Create Client Certificate.
  6. Provide a unique name for the client certificate.
  7. Download the three provided files to a secure location.

The psql command provided at the bottom can be disregarded.

Step 2: Connect to MySQL in Data Integration using SSL

With the SSL configuration and the client certificates downloaded, you can connect to your Google Cloud SQL MySQL instance using SSL.

  1. Enter Connection Name.
  2. Select the SSL Options tab.
  3. Choose the SSL mode of your choice.
  4. Drag and drop the downloaded SSL certificate onto the matching labels of your files.
On this Page