mysql_ssl_set - Man Page

Name

mysql_ssl_set - Sets TLS/SSL options

Synopsis

#include <mysql.h>

my_bool mysql_ssl_set(MYSQL *mysql,
                      const char *key,
                      const char *cert,
                      const char *ca,
                      const char *capath,
                      const char *cipher)

Description

Used for establishing a secure TLS connection. It must be called before attempting to use mysql_real_connect(3). TLS support must be enabled in the client library in order for the function to have any effect.

NULL can be used for an unused parameter. Always returns zero.

To enable TLS without specifying certificates, set all values to NULL:

mysql_ssl_set(mysql, NULL, NULL, NULL, NULL, NULL)

This is the same as mysql_optionsv(mysql, MYSQL_OPT_SSL_ENFORCE, &yes).

Parameter

  • mysql - a mysql handle, which was previously allocated by mysql_init(3).
  • key - path to the key file.
  • cert - path to the certificate file.
  • ca - path to the certificate authority file.
  • capath - path to the directory containing the trusted TLS CA certificates in PEM format.
  • cipher list of permitted (SSLv3, TLSv1.0 or TLSv1.2) cipher suites to use for TLS encryption.

Notes

  • mysql_real_connect(3) will return an error if attempting to connect and TLS is incorrectly set up.
  • Even if Connector/C supports TLSv1.3 protocol, it is not possible yet to specify TLSv1.3 cipher suites via cipher parameter.

See also

Referenced By

mysql_get_ssl_cipher(3).

Version 3.4 MariaDB Connector/C