Ensuring that SSL is being used with TMyConnection component

[jamesp81]

I am currently writing a program that will connect to a mysql DB across the internet. Because some of the information that will be exchanged is private, using SSL will be necessary.

I *think* that SSL is enabled with the hosting provider I'm using (I know that when search for variables like "%ssl" I get have_openssl = yes).

In my software that I'm writing, I have my TMyConnection object set to use mpSSL protocol, and it successfully connects to the database. IIRC, however, mysql will use the default, unencrypted protocol if the encrypted connection attempt fails. Is there any way I can tell if the connection is using SSL?

[Antaeus]

The settings you have made are not enough. You should also create user with REQUIRE SSL option and connect to server using this user's name. If you try to connect to user that was created with this option with invalid certificates, the connection will fail. If user wasn't created with REQUIRE SSL option, non-encrypted connection will be established.

[nelson]

hello

i have the same problem. what to do, if it's not possible to use REQUIRE SSL for an MySQL user? is it not possible, that MyDAC can disconnect if the connection is not SSL secured?

[Dimon]

TMyConnection does not allow to know secured or not secured connection was established.

In order to solve this problem, you can use security-oriented SecureBridge components, that are integrated with MyDAC.
SecureBridge's component TMySSLIOHandler lets MyDAC connect to MySQL server through SSL connection and gives you possibility to control secured connection. You can find more detailed information about SecureBridge by the following link: http://crlab.com/sbridge/