TUniConnection in SSL mode with MySQL and no client-side certificates and key

[bogdan]

Hello,
I'd like to know if it's possible to connect in SSL mode to a MySQL database but without using client-side CA/client certificates and key.
I'm not interested if the client is who he claims to be. I just need to crypt the information flow like https does without the hassle of generating and distributing client certs and keys.

Up to this point I couldn't make my TUniConnection work without any of the CA cert, client cert and client key. Is it possible?
I tested the concept and it works great in HeidiSQL.
Mysql cmd line tool and ODBC driver seem to require at least the --ssl-ca parameter but it works without the client cert and client key.

Or, if it's not possible, is there a way to pass the certificates and the key to the connection at runtime as strings rather then file names?

Thank you.

[ViktorV]

Possibility to connect to MySQL server via SSL not using client-side CA/client certificates and key with UniDAC depends on the OpenSSL library, and we can't affect this.
To configure SSL connection to MySQL server without using client-side CA/client certificates and key, you can use the following code:

Code: Select all

  UniConnection.SpecificOptions.Values['MySQL.Protocol'] := 'mpSSL'; 
  UniConnection.SpecificOptions.Values['MySQL.SSLCACert'] := '';
  UniConnection.SpecificOptions.Values['MySQL.SSLCert'] := '';
  UniConnection.SpecificOptions.Values['MySQL.SSLKey'] := '';
  UniConnection.SpecificOptions.Values['MySQL.SSLChipherList'] := '';

[ViktorV]

You can use UniDAC with SecureBridge components to connect to MySQL server using SSL connection avoiding client-side CA/client certificates and key. For more information, please read the %UniDACDemos%\TechnologySpecific\SecureBridge\Readme.html file, where %UniDACDemos% is the UniDAC Demo projects installation path on your computer. You can see an example of UniDAC and SecureBridge co-working in the demo projects: %UniDACDemos%\TechnologySpecific\SecureBridge.