I spent about 5 hours today getting MySQL to work with SSL connections. What a pain. The whole need to create your own CA for a self-signed cert drove me nuts.

I finally got it to work following these instructions.

Then I connected with a connection string like this:


mysql --ssl-key=newcerts/client-key.pem --ssl-cert=newcerts/client-cert.pem --ssl-ca=newcerts/ca-cert.pem -umyuser -pmypassword -hmy.server.org mydatabase


I think I'll probably go through and regenerate everything with a 3000 day expiration date: I don't want to have to go through that again soon.