[rt-users] Implementing SSL MySQL Backend
Guy Dickinson
guy.dickinson at nyu.edu
Fri Nov 28 13:47:38 EST 2008
Jesse Vincent wrote:
>> I took inspiration for the implementation from a rt-users mailing list
>> post by Mike Friedman
>> (http://lists.bestpractical.com/pipermail/rt-users/2007-April/045347.html).
>> In patch syntax, the precise change I made to RT::Handle was
>
>
> So, isn't there an environment variable one can set to have DBD::mysql
> pick this up?
To my knowledge, there are two ways to get DBD::mysql to issue the
appropriate C calls to initiate an SSL-encrypted connection:
1) Define the relevant parameters in the DSN, a la:
my $dsn =
"DBI:mysql:database=$database;host=$hostname;port=$port;mysql_ssl_ca_file
=/etc/mysqlcerts/ca.pem";
my $dbh = DBI->connect($dsn, $user, $password);
and so on...
2) Define the SSL CA file in the [client] portion of /etc/my.cnf and
then explicitly tell DBI::mysql to read the config file. From the
DBD::mysql documentation
(http://search.cpan.org/dist/DBD-mysql/lib/DBD/mysql.pm):
***
By default MySQL's C client library doesn't use any config files unlike
the client programs (mysql, mysqladmin, ...) that do, but outside of the
C client library. Thus you need to explicitly request reading a config
file, as in
$dsn = "DBI:mysql:test;mysql_read_default_file=/home/joe/my.cnf";
$dbh = DBI->connect($dsn, $user, $password)
***
Cheers,
Guy
More information about the rt-users
mailing list