How to configure spring boot application to use SSL/TLS over MySQL?

Question

I set up SSL on my MySQL server.

I generated few certicates for CA (ca.pem, ca-key.pem), for client (client-cert.pem, client-key.pem) and server (server-cert.pem and se

Answer 1

You need to add the "*.pem" files (cert and key) in a keystore and the CA in a "truststore".

This link explains well how to create your own keystore and truststore [link] http://roopindersingh.com/programming/converting-pem-certificates-and-private-keys-to-jks/

After you have to add in JVM paramaters

-Djavax.net.ssl.keyStore=/path/to/keystore/keystore.jks
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl.trustStore=/path/to/keystore/truststore.jks
-Djavax.net.ssl.trustStorePassword=password

Answer 2

Check my answer: https://stackoverflow.com/a/51879119/173149

I don't like to pollute java options or system properties, which are useless in application containers in any case...

You can set SSL certificate for MySQL connection programmically with:

jdbc:mysql://example.com:3306/MYDB?verifyServerCertificate=true&useSSL=true&requireSSL=true&clientCertificateKeyStoreUrl=file:cert/keystore.jks&clientCertificateKeyStorePassword=123456&trustCertificateKeyStoreUrl=file:cert/truststore.jks&trustCertificateKeyStorePassword=123456

It is documented:

• https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-configuration-properties.html
• https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-reference-using-ssl.html