[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] MySQL 4 with SSL
- Subject: Re: [cobalt-users] MySQL 4 with SSL
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Thu May 15 01:57:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On 15 May 2003 at 10:48, René Mølsted wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> - -----BEGIN PGP SIGNED MESSAGE-----
>
> Just got an update:
> It's only used to sync 2 databases between server1 (ours) and
server2
> (clients db) via internet, does this change anything?
The easiest way forward would be stunnel, just remember to open up
the ports in your firewall.
> On torsdag, maj 15, 2003, at 10:36 Europe/Copenhagen, Ian wrote:
>
> > On 14 May 2003 at 17:54, René Mølsted wrote:
> >
> > <snip>
> >
> >>> Can I ask - how are you intending to use this ssl connection ?
> >>> Is it for a web site on the same server? Another client on
the
> >>> network ? Another client on the internet ?
> >
> >> It is intented for all three connections ;o)
> >
> > There is not much you can do about connections from the server,
apart
> > from encrypting data yourself. For websites with sensetive data,
I
> > use gnupgp.
> >
> >
> >>> The reason I ask - I have seen nothing but problems with
getting
> >>> mysql-ssl working, I ended up just using a secure tunnel -
took
> >>> about five minutes to set up.
> >
> >> How does secure tunnel works?
> >
> > I use stunnel ( http://www.stunnel.org ).
> >
> > It works in two modes: client and server.
> >
> > Basically the server listens on a port you specify ( eg 3007 )
for
> > any SSL connections and passes them on unencrypted to another
local
> > port you specify (in this case the MySQL port 3306 ).
> >
> > The client listens on a local port ( eg 3006) for any unencrypted
> > connections, then creates a SSL connection to the server port
(3007).
> >
> >
> > Stunnel is available as source code for Linux and as a
precompiled
> > binary for windows. The latest version even runs as a service
under
> > win2k.
> >
> > You don't just have to use it for MySQL, it can provide secure
access
> > to any service.
> >
> >
> > Regards
> >
> > Ian
> > --
> >
> >
> >
> >
> > _____________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> - -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.2
>
> iQCVAwUBPsNUKRP8J6DAN1ixAQEArQP/Y+p4iR2b69Bsyd6FqHnVrKskQzklbc8u
> MVjIgaahfssySWzfGS8cjx45/M+XPgId2TdOMUNxW64Ggargl1L+G6opIbmSQ4OS
> WbcO+MjhIJ0BSU3gwVbqtEJjHBUhxIjQULpQufpk2SChTsL2FG77VMUIMBahUuig
> NVPcFtm6c/w=
> =ZWd+
> - -----END PGP SIGNATURE-----
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.2
>
> iQCVAwUBPsNURhP8J6DAN1ixAQEZXwP/R+bWnRgxW56FlSvrk0p1YlxJJreE+3GV
> dsgRSwIBivlH+Swv/VoKNwM6MYSCg606lw4D9Z89rfyiL+4LRRe/Qu5eXhtd29BZ
> m3SH19gDWVa6WyYYyesS9oMHRmcQT6z8Y0FNfhhkk9uW0jV7F5x1mpXyEa85BT4h
> 8XSuPHHwONQ=
> =+INN
> -----END PGP SIGNATURE-----
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users