Enable SSL Connections for MySQL

Enable SSL connections for MySQL server and configure Gateway to communicate using secure connections. This is ideal where MySQL is offbox and located in a different network, and environments where extra security or encryption is required.
2
To enable SSL connections for your external MySQL server, you'll need to append three properties to the jdbcURL connection string in the database section of the values.yaml file for Helm Chart deployments, as shown in the following example:
database: enabled: true create: false jdbcURL: jdbc:mysql://myprimaryserver:3306,mysecondaryserver:3306/ssg?useSSL=true&requireSSL=true&verifyServerCertificate=false username: myuser password: mypassword name: ssg
Note that the following SSL-related properties were added to the jdbcURL string:
  • useSSL=true
  • requireSSL=true
  • verifyServerCertificate=false
Enforcing TLS Usage For Your Database Connection
To ensure that a specific version of TLS is used for your secured MySQL connection, append the following property to jdbcURL:
  • enabledTLSProtocols=TLSv1.x
For example, if we wanted to enforce the use of TLS v1.2, the following property would be appended to the jdbcURL connection string:
jdbcURL: jdbc:mysql://myprimaryserver:3306,mysecondaryserver:3306/ssg?useSSL=true&requireSSL=true&verifyServerCertificate=false&enabledTLSProtocols=TLSv1.2
To learn more about jdbcURL configurations, check out the following MySQL resources: