Connector/J (JDBC) Reference
2081
Keytool will prompt you for the following information, and create a keystore named
keystore
in the
current directory.
Respond with information that is appropriate for your situation:
Enter keystore password: *********
What is your first and last name?
[Unknown]: Matthews
What is the name of your organizational unit?
[Unknown]: Software Development
What is the name of your organization?
[Unknown]: MySQL AB
What is the name of your City or Locality?
[Unknown]: Flossmoor
What is the name of your State or Province?
[Unknown]: IL
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=Matthews, OU=Software Development, O=MySQL AB,
L=Flossmoor, ST=IL, C=US> correct?
[no]: y
Enter key password for <mysqlClientCertificate>
(RETURN if same as keystore password):
Finally, to get JSSE to use the keystore and truststore that you have generated, you need to set the
following system properties when you start your JVM, replacing
path_to_keystore_file
with the
full path to the keystore file you created,
path_to_truststore_file
with the path to the truststore
file you created, and using the appropriate password values for each property. You can do this either
on the command line:
-Djavax.net.ssl.keyStore=
path_to_keystore_file
-Djavax.net.ssl.keyStorePassword=
password
-Djavax.net.ssl.trustStore=
path_to_truststore_file
-Djavax.net.ssl.trustStorePassword=
password
Or you can set the values directly within the application:
System.setProperty("javax.net.ssl.keyStore","
path_to_keystore_file
");
System.setProperty("javax.net.ssl.keyStorePassword","
password
");
System.setProperty("javax.net.ssl.trustStore","
path_to_truststore_file
");
System.setProperty("javax.net.ssl.trustStorePassword","
password
");
You will also need to set
useSSL
to
true
in your connection parameters for MySQL Connector/
J, either by adding
useSSL=true
to your URL, or by setting the property
useSSL
to
true
in the
java.util.Properties
instance you pass to
DriverManager.getConnection()
.
You can test that SSL is working by turning on JSSE debugging (as detailed below), and look for the
following key events:
...
*** ClientHello, v3.1
RandomCookie: GMT: 1018531834 bytes = { 199, 148, 180, 215, 74, 12, »
54, 244, 0, 168, 55, 103, 215, 64, 16, 138, 225, 190, 132, 153, 2, »
217, 219, 239, 202, 19, 121, 78 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3D B6 90 FA C7 94 B4 D7 4A 0C ...7..=.......J.
0010: 36 F4 00 A8 37 67 D7 40 10 8A E1 BE 84 99 02 D9 6...7g.@........
0020: DB EF CA 13 79 4E 00 00 10 00 05 00 04 00 09 00 ....yN..........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
main, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1018577560 bytes = { 116, 50, 4, 103, 25, 100, 58, »
202, 79, 185, 178, 100, 215, 66, 254, 21, 83, 187, 190, 42, 170, 3, »
132, 110, 82, 148, 160, 92 }
Summary of Contents for 5.0
Page 1: ...MySQL 5 0 Reference Manual ...
Page 18: ...xviii ...
Page 60: ...40 ...
Page 396: ...376 ...
Page 578: ...558 ...
Page 636: ...616 ...
Page 844: ...824 ...
Page 1234: ...1214 ...
Page 1427: ...MySQL Proxy Scripting 1407 ...
Page 1734: ...1714 ...
Page 1752: ...1732 ...
Page 1783: ...Configuring Connector ODBC 1763 ...
Page 1793: ...Connector ODBC Examples 1773 ...
Page 1839: ...Connector Net Installation 1819 2 You must choose the type of installation to perform ...
Page 2850: ...2830 ...
Page 2854: ...2834 ...
Page 2928: ...2908 ...
Page 3000: ...2980 ...
Page 3122: ...3102 ...
Page 3126: ...3106 ...
Page 3174: ...3154 ...
Page 3232: ...3212 ...